CVE-2013-10039

HIGH

GestioIP <ac67be - Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-10039. PoCs published by bperry, including Metasploit module exploits/multi/http/gestioip_exec.

AI-analyzed exploit summary This Metasploit module exploits a command injection vulnerability in GestioIP's ip_checkhost.cgi script. It encodes the payload in base64 and injects it via the 'ip' parameter, leveraging shell command substitution to execute arbitrary commands on the target system.

Description

A command injection vulnerability exists in GestioIP 3.0 commit ac67be and earlier in ip_checkhost.cgi. Crafted input to the 'ip' parameter allows attackers to execute arbitrary shell commands on the server via embedded base64-encoded payloads. Authentication may be required depending on deployment configuration.

Exploits (1)

metasploit WORKING POC EXCELLENT
by bperry · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/gestioip_exec.rb

This Metasploit module exploits a command injection vulnerability in GestioIP's ip_checkhost.cgi script. It encodes the payload in base64 and injects it via the 'ip' parameter, leveraging shell command substitution to execute arbitrary commands on the target system.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: GestioIP 3.0
Auth required
Prerequisites: Network access to the target · Valid credentials if authentication is enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v4 8.7
EPSS 0.7333
EPSS Percentile 98.8%
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-78
Status published
Products (1)
GestioIP/IPAM < 3.0 commit ac67be
Published Jul 31, 2025
Tracked Since Feb 18, 2026