2025-07-31 14:55:54
VulnCheck
PUBLISHED
A command injection vulnerability exists in GestioIP 3.0 commit ac67be and earlier in ip_checkhost.cgi. Crafted input to the ip parameter allows attackers to execute arbitrary shell commands on the server via embedded base64-encoded payloads. Authentication may be required depending on deployment configuration.