59 matches found
PT-2024-12220 · Kemp Technologies · Kemp Loadmaster +1
Name of the Vulnerable Software and Affected Versions: Kemptechnologies Loadmaster versions prior to 7.2.60.0 Description: A Buffer Overflow issue allows a remote attacker to cause a denial of service via the libkemplink.so, isreverse library. Recommendations: For versions prior to 7.2.60.0, upda...
Kemp Loadmaster 安全漏洞
Kemp Loadmaster is an optimized load balancing program from Kemp. A security vulnerability exists in versions prior to Kemp Loadmaster v.7.2.60.0. A remote attacker could exploit this vulnerability to cause a system denial of service via the libkemplink.so, isreverse library...
Progress Kemp LoadMaster Remote Command Execution
Progress Kemp LoadMaster versions 7.2.48.1 7.2.59.2 / 7.2.48.1 7.2.54.8 and 7.2.48.1 7.2.48.10 is affected by a vulnerability allowing an unauthenticated attacker to execute remote commands via a specially forged request. No source data...
Kemp LoadMaster Local sudo Privilege Escalation Exploit
This Metasploit module abuses a feature of the sudo command on Progress Kemp LoadMaster. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. Some files have this permission are not write-protected from the default bal user. As such,...
Kemp LoadMaster Local sudo privilege escalation
This module abuses a feature of the sudo command on Progress Kemp LoadMaster. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. Some files have this permission are not write-protected from the default 'bal' user. As such, if the...
Metasploit Weekly Wrap-Up 05/03/24
Dump secrets inline This week, our very own cdelafuente-r7 added a significant improvement to the well-known Windows Secrets Dump module to reduce the footprint when dumping SAM hashes, LSA secrets and cached credentials. The module is now directly reading the Windows Registry remotely without...
PT-2024-26505 · Kemp · Kemp Loadmaster
Name of the Vulnerable Software and Affected Versions: Kemp LoadMaster affected versions not specified Description: Unauthenticated attackers can perform actions using SSH private keys by knowing the IP address and having access to the same network of one of the machines in the HA or Cluster grou...
Kemp LoadMaster Unauthenticated Command Injection Exploit
This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Kemp LoadMaster in the authorization header after version 7.2.48.1. The following versions are patched: 7.2.59.2 GA, 7.2.54.8 LTSF, and 7.2.48.10 LTS. This module requires Metasploit:...
Kemp LoadMaster Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kemp LoadMaster Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in...
Kemp LoadMaster Unauthenticated Command Injection
This module exploits an unauthenticated command injection vulnerability in Progress Kemp LoadMaster in the authorization header after vversion 7.2.48.1. The following versions are patched: 7.2.59.2 GA, 7.2.54.8 LTSF and 7.2.48.10 LTS. Module Options msf use...
CVE-2024-2448: Authenticated Command Injection In Progress Kemp LoadMaster
The post CVE-2024-2448: Authenticated Command Injection In Progress Kemp LoadMaster appeared first on Rhino Security Labs...
Progress Kemp LoadMaster Command Injection (CVE-2024-1212)
Binary data progresskemploadmasterCVE-2024-1212.nbin...
LoadMaster 安全漏洞
Kemp LoadMaster is a highly secure application from Kemp. A security vulnerability exists in LoadMaster that originates from an operating system command injection that allows an attacker to inject commands into a UI component using shell commands...
Kemp LoadMaster 跨站请求伪造漏洞
Kemp LoadMaster is a highly secure application from Kemp. Kemp LoadMaster suffers from a cross-site request forgery vulnerability that originates from allowing an attacker to direct an authenticated LoadMaster administrator to a third-party site to perform HTTP transactions on behalf of the...
Exploit for OS Command Injection in Progress Loadmaster
CVE-2024-1212 Command Injection Exploit for Kemp LoadMaster 🛡️...
CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster
The post CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster appeared first on Rhino Security Labs...
Vulnerability fixed in Progress Kemp LoadMaster
Progress Kemp has fixed a vulnerability in LoadMaster. The vulnerability allows a malicious party to use specially API calls to issue system commands without being authorized. being authorized to do so. For successful exploitation, the malicious party must have access to the management interface...
Kemp LoadMaster Operating System Command Injection Vulnerability
Kemp LoadMaster is a highly secure application from Kemp. A security vulnerability exists in Kemp LoadMaster version 7.2.48.1 that originates from a vulnerability that allows an unauthenticated, remote attacker to access the system via the LoadMaster management interface to execute arbitrary syst...
PT-2024-2428
Name of the Vulnerable Software and Affected Versions Progress Kemp LoadMaster affected versions not specified Description Unauthenticated remote attackers can access the system through the management interface to execute arbitrary system commands. This issue occurs because the software fails to...
Exploit for CVE-2023-28615
CVE-2023-29929: Remote "Instakill" DoS in Kemp LoadMaster via...