238 matches found
Exploit for OS Command Injection in Progress Loadmaster
CVE-2024-1212 Command Injection Exploit for Kemp LoadMaster 🛡️...
CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster
The post CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster appeared first on Rhino Security Labs...
Vulnerability fixed in Progress Kemp LoadMaster
Progress Kemp has fixed a vulnerability in LoadMaster. The vulnerability allows a malicious party to use specially crafted API calls to issue system commands without being authorized to do so. For successful exploitation, the malicious party must have access to the management interface...
CVE-2024-1212
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution...
CVE-2024-1212
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution...
Command injection
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution...
CVE-2024-1212 LoadMaster Pre-Authenticated OS Command Injection
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution...
CVE-2024-1212 LoadMaster Pre-Authenticated OS Command Injection
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution...
CVE-2024-1212
CVE-2024-1212 affects Progress Kemp LoadMaster. Unauthenticated attackers can trigger arbitrary command execution via the LoadMaster management interface, with exploits and PoCs published (e.g., through OS command injection on the /access/set endpoint). Public references show active exploitation ...
Kemp LoadMaster Operating System Command Injection Vulnerability
Kemp LoadMaster is a highly secure application from Kemp. A security vulnerability exists in Kemp LoadMaster version 7.2.48.1 that allows an unauthenticated, remote attacker to access the system via the LoadMaster management interface to execute arbitrary syst...
PT-2024-2428
Name of the Vulnerable Software and Affected Versions: Kemp LoadMaster versions prior to 7.2.48.10; Kemp LoadMaster versions prior to 7.2.54.8; Kemp LoadMaster versions prior to 7.2.59.2. Description: Unauthenticated remote attackers can access the system through the LoadMaster management interface,...
CVE-2024-1212
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution. Recent assessments: Assessed Attacker Value: 0...
Exploit for CVE-2023-28615
CVE-2023-29929: Remote "Instakill" DoS in Kemp LoadMaster via...
Exploit for CVE-2023-29929
CVE-2023-29929: Remote "Instakill" DoS in Kemp LoadMaster via...
CVE-2021-41823
The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows certain uses of onmouseover to bypass an XSS protection mechanism...
CVE-2021-41823
The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows certain uses of onmouseover to bypass an XSS protection mechanism...
Design/Logic Flaw
The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows certain uses of onmouseover to bypass an XSS protection mechanism...
Kemp Load Master Cross-Site Scripting Vulnerability
Kemp Load Master is a full-featured load balancer and Application Delivery Controller (ADC) from Kemp USA that supports all major application workloads. A cross-site scripting vulnerability exists in Kemp LoadMaster version 7.2.54.1, which stems from the Web Application Firewall (WAF) allowing the us...
PT-2023-12380 · Kemp · Kemp Loadmaster
Name of the Vulnerable Software and Affected Versions: Kemp LoadMaster version 7.2.54.1. Description: The issue allows certain uses of onmouseover to bypass an XSS protection mechanism in the Web Application Firewall (WAF). Recommendations: For Kemp LoadMaster version 7.2.54.1, consider disabling th...
CVE-2021-41823
Kemp LoadMaster 7.2.54.1 WAF has a vulnerability where certain uses of onmouseover can bypass the WAF’s XSS protection. The CVSS data shows a NETWORK attack vector, LOW complexity, with no privileges required and user interaction needed, resulting in a MEDIUM base impact on confidentiality and in...