CVE-2025-13444

🗓️ 13 Jan 2026 14:26:50Reported by ProgressSoftwareType

An authenticated user with User Administration rights can exploit API input to execute commands on LoadMaster via command injection.

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2025-13444	13 Jan 202611:18	–	circl
CNNVD	Progress LoadMaster 安全漏洞	13 Jan 202600:00	–	cnnvd
CNNVD	Progress LoadMaster 安全漏洞	13 Jan 202600:00	–	cnnvd
Cvelist	CVE-2025-13444 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster	13 Jan 202614:26	–	cvelist
EUVD	EUVD-2026-2343	13 Jan 202614:26	–	euvd
EUVD	EUVD-2026-2346	13 Jan 202614:31	–	euvd
NVD	CVE-2025-13444	13 Jan 202615:15	–	nvd
OSV	CVE-2025-13444	13 Jan 202615:15	–	osv
OSV	CVE-2025-13447	13 Jan 202615:15	–	osv
Positive Technologies	PT-2026-2442	13 Jan 202600:00	–	ptsecurity

NVD

Node

progress connection_manager_for_objectscaleRange<7.2.62.2

progress ecs_connection_managerRange<7.2.62.2

progress loadmasterRange<7.2.54.16ltsf

progress loadmasterRange<7.2.62.2ga

progress moveit_wafMatch7.2.62.1

progress multi-tenant_hypervisorRange<7.1.35.15

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "LoadMaster Appliance",
      "MOVEit WAF Appliance",
      "ECS Appliance",
      "ObjectScale Appliance"
    ],
    "product": "LoadMaster",
    "vendor": "Progress Software",
    "versions": [
      {
        "lessThan": "V7.2.62.2",
        "status": "affected",
        "version": "7.2.50",
        "versionType": "custom"
      },
      {
        "lessThan": "V7.2.54.16",
        "status": "affected",
        "version": "7.2.50",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Multi Tenant LoadMaster"
    ],
    "product": "Multi Tenant LoadMaster",
    "vendor": "Progress Software",
    "versions": [
      {
        "lessThan": "V7.1.35.15",
        "status": "affected",
        "version": "7.2.39",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
community	www.community.progress.com/s/article/MOVEit-WAF-Vulnerabilities-CVE-2025-13444-CVE-2025-13447
community	www.community.progress.com/s/article/LoadMaster-Vulnerabilities-CVE-2025-13444-CVE-2025-13447
community	www.community.progress.com/s/article/ECS-Connection-Manager-Vulnerabilities-CVE-2025-13444-CVE-2025-13447
community	www.community.progress.com/s/article/Connection-Manager-for-ObjectScale-Vulnerabilities-CVE-2025-13444-CVE-2025-13447

13 Feb 2026 21:46Current

7.7High risk

Vulners AI Score7.7

CVSS 3.16.8 - 8.4

EPSS0.0005

SSVC

CWE-78