Lucene search
+L

23 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.23 views

CVE-2026-8037

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints...

9.8CVSS6.1AI score0.4343EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2026/06/04 1:13 p.m.22 views

CVE-2026-8037 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints...

9.6CVSS8AI score0.4343EPSS
Exploits3References1
EUVD
EUVD
added 2026/06/04 1:13 p.m.15 views

EUVD-2026-34260

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints...

9.6CVSS6.1AI score0.4343EPSS
Exploits3References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.31 views

PT-2026-46231

Name of the Vulnerable Software and Affected Versions Progress Kemp LoadMaster versions prior to 7.2.63.2 Progress Kemp LoadMaster LTSF versions prior to 7.2.54.17 Progress ECS Connection Manager affected versions not specified Progress Object Scale Connection Manager affected versions not...

9.8CVSS8.2AI score0.4343EPSS
Exploits3References50
RedhatCVE
RedhatCVE
added 2026/04/22 7:23 a.m.10 views

CVE-2026-3518

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'killsession' command...

8.4CVSS6.2AI score0.0252EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/22 7:22 a.m.9 views

CVE-2026-4048

OS Command Injection Remote Code Execution Vulnerability in UI in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in a custom WAF rule file during the file upload process...

8.4CVSS6.1AI score0.02132EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/22 7:22 a.m.5 views

CVE-2026-3517

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “Geo Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'addcountry' command...

8.4CVSS6.2AI score0.18238EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/20 3:31 p.m.5 views

EUVD-2026-23858

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “VS Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'aclcontrol' command...

9.3CVSS6.2AI score0.18238EPSS
Exploits4References2
NVD
NVD
added 2026/04/20 2:16 p.m.6 views

CVE-2026-4048

OS Command Injection Remote Code Execution Vulnerability in UI in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in a custom WAF rule file during the file upload process...

8.4CVSS0.02132EPSS
Exploits0References1
NVD
NVD
added 2026/04/20 2:16 p.m.6 views

CVE-2026-3518

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'killsession' command...

8.4CVSS0.0252EPSS
Exploits0References1
NVD
NVD
added 2026/04/20 2:16 p.m.8 views

CVE-2026-3519

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “VS Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'aclcontrol' command...

8.4CVSS0.02134EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/20 1:36 p.m.5 views

CVE-2026-4048

OS Command Injection Remote Code Execution Vulnerability in UI in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in a custom WAF rule file during the file upload process...

9.3CVSS6.1AI score0.18238EPSS
Exploits4References2Affected Software4
ATTACKERKB
ATTACKERKB
added 2026/04/20 1:32 p.m.6 views

CVE-2026-3519

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “VS Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'aclcontrol' command...

9.3CVSS6.2AI score0.18238EPSS
Exploits4References2Affected Software4
ATTACKERKB
ATTACKERKB
added 2026/04/20 1:29 p.m.6 views

CVE-2026-3518

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'killsession' command...

9.3CVSS6.2AI score0.18238EPSS
Exploits4References2Affected Software4
Vulnrichment
Vulnrichment
added 2026/04/20 1:22 p.m.5 views

CVE-2026-3517 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “Geo Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'addcountry' command...

8.4CVSS6.4AI score0.18238EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.8 views

PT-2026-33761

Name of the Vulnerable Software and Affected Versions Progress ADC LoadMaster affected versions not specified Description An OS command injection flaw in the API allows an authenticated attacker with Geo Administration permissions to execute arbitrary commands on the appliance. This is possible d...

8.4CVSS6.3AI score0.18238EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.8 views

PT-2026-33762

Name of the Vulnerable Software and Affected Versions Progress ADC Products affected versions not specified Description An OS command injection flaw allows an authenticated attacker with "All" permissions to execute arbitrary commands on the LoadMaster appliance. This occurs due to unsanitized...

8.4CVSS6.2AI score0.0252EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.8 views

PT-2026-33766

Name of the Vulnerable Software and Affected Versions Progress ADC Products affected versions not specified Description An OS Command Injection flaw in the user interface allows an authenticated attacker with "All" permissions to execute arbitrary commands on the LoadMaster appliance. This occurs...

9.3CVSS6.2AI score0.18238EPSS
Exploits4References3
RedhatCVE
RedhatCVE
added 2026/01/14 3:30 p.m.16 views

CVE-2025-13447

OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the API input parameters...

8.4CVSS8.2AI score0.25389EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 3:15 p.m.8 views

CVE-2025-13447

OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the API input parameters...

8.4CVSS0.25389EPSS
Exploits0References4
Rows per page
Query Builder