CVE-2013-10039

UNKNOWN 0.0

GestioIP 3.0 ip_checkhost.cgi RCE

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A command injection vulnerability exists in GestioIP 3.0 commit ac67be and earlier in ip_checkhost.cgi. Crafted input to the 'ip' parameter allows attackers to execute arbitrary shell commands on the server via embedded base64-encoded payloads. Authentication may be required depending on deployment configuration.

CWE	CWE-78
Vendor	gestioip
Product	ipam
Published	Jul 31, 2025
Last Updated	Mar 5, 2026

Stay Ahead of the Next One

Get instant alerts for gestioip ipam

Be the first to know when new unknown vulnerabilities affecting gestioip ipam are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

GestioIP / IPAM

* < 3.0 commit ac67be

References

NVD ↗ CVE.org ↗ EPSS Data ↗

raw.githubusercontent.com: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/gestioip_exec.rb sourceforge.net: https://sourceforge.net/p/gestioip/gestioip/ci/ac67be9fce5ee4c0438d27dfa5c1dcbca08c457c/ sourceforge.net: https://sourceforge.net/projects/gestioip/ vulncheck.com: https://www.vulncheck.com/advisories/gestioip-rce

Credits

bperry