Lucene search
+L

59 matches found

ptsecurity
ptsecurity
added 2024/08/21 12:0 a.m.5 views

PT-2024-12220 · Kemp Technologies · Kemp Loadmaster +1

Name of the Vulnerable Software and Affected Versions: Kemptechnologies Loadmaster versions prior to 7.2.60.0 Description: A Buffer Overflow issue allows a remote attacker to cause a denial of service via the libkemplink.so, isreverse library. Recommendations: For versions prior to 7.2.60.0, upda...

7.5CVSS7.4AI score0.00672EPSS
Exploits2References10
cnnvd
cnnvd
added 2024/08/21 12:0 a.m.3 views

Kemp Loadmaster 安全漏洞

Kemp Loadmaster is an optimized load balancing program from Kemp. A security vulnerability exists in versions prior to Kemp Loadmaster v.7.2.60.0. A remote attacker could exploit this vulnerability to cause a system denial of service via the libkemplink.so, isreverse library...

7.5CVSS6.6AI score0.00672EPSS
Exploits2References3
nessus
nessus
added 2024/07/22 12:0 a.m.18 views

Progress Kemp LoadMaster Remote Command Execution

Progress Kemp LoadMaster versions 7.2.48.1 7.2.59.2 / 7.2.48.1 7.2.54.8 and 7.2.48.1 7.2.48.10 is affected by a vulnerability allowing an unauthenticated attacker to execute remote commands via a specially forged request. No source data...

10CVSS7.9AI score0.95388EPSS
Exploits9References3
zdt
zdt
added 2024/05/13 12:0 a.m.276 views

Kemp LoadMaster Local sudo Privilege Escalation Exploit

This Metasploit module abuses a feature of the sudo command on Progress Kemp LoadMaster. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. Some files have this permission are not write-protected from the default bal user. As such,...

10CVSS9.5AI score0.95388EPSS
Exploits9
metasploit
metasploit
added 2024/05/10 7:56 p.m.218 views

Kemp LoadMaster Local sudo privilege escalation

This module abuses a feature of the sudo command on Progress Kemp LoadMaster. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. Some files have this permission are not write-protected from the default 'bal' user. As such, if the...

10CVSS9.2AI score0.95388EPSS
Exploits9
rapid7blog
rapid7blog
added 2024/05/03 6:29 p.m.32 views

Metasploit Weekly Wrap-Up 05/03/24

Dump secrets inline This week, our very own cdelafuente-r7 added a significant improvement to the well-known Windows Secrets Dump module to reduce the footprint when dumping SAM hashes, LSA secrets and cached credentials. The module is now directly reading the Windows Registry remotely without...

7.5CVSS9.6AI score0.95388EPSS
Exploits9
ptsecurity
ptsecurity
added 2024/05/02 12:0 a.m.5 views

PT-2024-26505 · Kemp · Kemp Loadmaster

Name of the Vulnerable Software and Affected Versions: Kemp LoadMaster affected versions not specified Description: Unauthenticated attackers can perform actions using SSH private keys by knowing the IP address and having access to the same network of one of the machines in the HA or Cluster grou...

7.5CVSS6.4AI score0.00379EPSS
Exploits0References8
zdt
zdt
added 2024/04/29 12:0 a.m.475 views

Kemp LoadMaster Unauthenticated Command Injection Exploit

This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Kemp LoadMaster in the authorization header after version 7.2.48.1. The following versions are patched: 7.2.59.2 GA, 7.2.54.8 LTSF, and 7.2.48.10 LTS. This module requires Metasploit:...

10CVSS9.9AI score0.95388EPSS
Exploits9
packetstorm
packetstorm
added 2024/04/29 12:0 a.m.411 views

Kemp LoadMaster Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kemp LoadMaster Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in...

10CVSS7.4AI score0.95388EPSS
Exploits9
metasploit
metasploit
added 2024/04/27 7:54 p.m.261 views

Kemp LoadMaster Unauthenticated Command Injection

This module exploits an unauthenticated command injection vulnerability in Progress Kemp LoadMaster in the authorization header after vversion 7.2.48.1. The following versions are patched: 7.2.59.2 GA, 7.2.54.8 LTSF and 7.2.48.10 LTS. Module Options msf use...

10CVSS8.7AI score0.95388EPSS
Exploits9
rhino
rhino
added 2024/04/16 2:0 p.m.32 views

CVE-2024-2448: Authenticated Command Injection In Progress Kemp LoadMaster

The post CVE-2024-2448: Authenticated Command Injection In Progress Kemp LoadMaster appeared first on Rhino Security Labs...

8.8CVSS9.1AI score0.55422EPSS
Exploits0
nessus
nessus
added 2024/03/25 12:0 a.m.45 views

Progress Kemp LoadMaster Command Injection (CVE-2024-1212)

Binary data progresskemploadmasterCVE-2024-1212.nbin...

10CVSS9.6AI score0.95388EPSS
Exploits9References3
cnnvd
cnnvd
added 2024/03/22 12:0 a.m.5 views

LoadMaster 安全漏洞

Kemp LoadMaster is a highly secure application from Kemp. A security vulnerability exists in LoadMaster that originates from an operating system command injection that allows an attacker to inject commands into a UI component using shell commands...

8.8CVSS8.8AI score0.55422EPSS
Exploits0References3
cnnvd
cnnvd
added 2024/03/22 12:0 a.m.4 views

Kemp LoadMaster 跨站请求伪造漏洞

Kemp LoadMaster is a highly secure application from Kemp. Kemp LoadMaster suffers from a cross-site request forgery vulnerability that originates from allowing an attacker to direct an authenticated LoadMaster administrator to a third-party site to perform HTTP transactions on behalf of the...

8.8CVSS8.2AI score0.55422EPSS
Exploits0References3
githubexploit
githubexploit
added 2024/03/19 10:23 p.m.763 views

Exploit for OS Command Injection in Progress Loadmaster

CVE-2024-1212 Command Injection Exploit for Kemp LoadMaster 🛡️...

10CVSS10AI score0.95388EPSS
Exploits9
rhino
rhino
added 2024/03/19 2:0 p.m.29 views

CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster

The post CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster appeared first on Rhino Security Labs...

10CVSS9.8AI score0.95388EPSS
Exploits9
ncsc
ncsc
added 2024/02/22 12:0 a.m.4 views

Vulnerability fixed in Progress Kemp LoadMaster

Progress Kemp has fixed a vulnerability in LoadMaster. The vulnerability allows a malicious party to use specially API calls to issue system commands without being authorized. being authorized to do so. For successful exploitation, the malicious party must have access to the management interface...

10CVSS7AI score0.95388EPSS
Exploits9
cnnvd
cnnvd
added 2024/02/21 12:0 a.m.5 views

Kemp LoadMaster Operating System Command Injection Vulnerability

Kemp LoadMaster is a highly secure application from Kemp. A security vulnerability exists in Kemp LoadMaster version 7.2.48.1 that originates from a vulnerability that allows an unauthenticated, remote attacker to access the system via the LoadMaster management interface to execute arbitrary syst...

10CVSS7.4AI score0.95388EPSS
Exploits9References6
ptsecurity
ptsecurity
added 2024/02/21 12:0 a.m.5 views

PT-2024-2428

Name of the Vulnerable Software and Affected Versions Progress Kemp LoadMaster affected versions not specified Description Unauthenticated remote attackers can access the system through the management interface to execute arbitrary system commands. This issue occurs because the software fails to...

10CVSS7.8AI score0.95388EPSS
Exploits9References93
githubexploit
githubexploit
added 2023/04/14 3:41 p.m.8 views

Exploit for CVE-2023-28615

CVE-2023-29929: Remote "Instakill" DoS in Kemp LoadMaster via...

7.5CVSS9.9AI score0.00672EPSS
Exploits2
Rows per page
Query Builder