CVE-2014-3081

IBM Global Console Manager <1.20.0.22575 Authenticated Arbitrary File Read via prodtest.php

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-3081. PoCs published by Alejandro Alvarez Bravo.

AI-analyzed exploit summary: The exploit demonstrates remote code execution (RCE) and arbitrary file read vulnerabilities in IBM 1754 GCM KVM switches (v1.20.0.22575 and prior). It leverages improper input sanitization in `systest.php` and `prodtest.php` to execute commands and read files, respectively.

Description

prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Alejandro Alvarez Bravo · text · remote · php
https://www.exploit-db.com/exploits/34132

Classification: Working PoC (95%)
Attack Type: RCE | Info Leak
Complexity: Trivial
Reliability: Reliable
Target: IBM 1754 GCM KVM switch v1.20.0.22575 and prior
Auth required: Yes
Prerequisites: Valid session ID (avctSessionId) · Network access to the target device
Analyzed by devstral-2 on Feb 16, 2026

References (5)

Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/34132/
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Jul/113
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/93930

Scores

EPSS 0.0413
EPSS Percentile 89.6%

Details

CWE: CWE-200
Status: published
Products (2):
ibm/global_console_manager_16_firmware < 1.20.0.22575
ibm/global_console_manager_32_firmware < 1.20.0.22575
Published: Aug 17, 2014
Tracked Since: Feb 18, 2026