250 matches found
CVE-2024-1212
CVE-2024-1212 affects Progress Kemp LoadMaster. Unauthenticated attackers can trigger arbitrary command execution via the LoadMaster management interface, with exploits and PoCs published (e.g., through OS command injection on the /access/set endpoint). Public references show active exploitation ...
Kemp LoadMaster Operating System Command Injection Vulnerability
Kemp LoadMaster is a highly secure application from Kemp. A security vulnerability in Kemp LoadMaster version 7.2.48.1 allows an unauthenticated, remote attacker to access the system via the LoadMaster management interface to execute arbitrary syst...
PT-2024-2428
Name of the Vulnerable Software and Affected Versions: Kemp LoadMaster versions prior to 7.2.48.10; Kemp LoadMaster versions prior to 7.2.54.8; Kemp LoadMaster versions prior to 7.2.59.2. Description: Unauthenticated remote attackers can access the system through the LoadMaster management interface,...
CVE-2024-1212
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution. Recent assessments: Assessed Attacker Value: 0...
Exploit for CVE-2023-28615
CVE-2023-29929: Remote "Instakill" DoS in Kemp LoadMaster via...
Exploit for CVE-2023-29929
CVE-2023-29929: Remote "Instakill" DoS in Kemp LoadMaster via...
CVE-2021-41823
The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows certain uses of onmouseover to bypass an XSS protection mechanism...
CVE-2021-41823
The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows certain uses of onmouseover to bypass an XSS protection mechanism...
Design/Logic Flaw
The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows certain uses of onmouseover to bypass an XSS protection mechanism...
Kemp Load Master Cross-Site Scripting Vulnerability
Kemp Load Master is a full-featured load balancer and Application Delivery Controller (ADC) from Kemp USA that supports all major application workloads. A cross-site scripting vulnerability exists in Kemp LoadMaster version 7.2.54.1, which stems from the Web Application Firewall (WAF) allowing the us...
PT-2023-12380 · Kemp · Kemp Loadmaster
Name of the Vulnerable Software and Affected Versions: Kemp LoadMaster version 7.2.54.1 Description: The issue allows certain uses of onmouseover to bypass an XSS protection mechanism in the Web Application Firewall (WAF). Recommendations: For Kemp LoadMaster version 7.2.54.1, consider disabling th...
CVE-2021-41823
Kemp LoadMaster 7.2.54.1 WAF has a vulnerability where certain uses of onmouseover can bypass the WAF’s XSS protection. The CVSS data shows a NETWORK attack vector, LOW complexity, with no privileges required and user interaction needed, resulting in a MEDIUM base impact on confidentiality and in...
CVE-2021-41823
The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows certain uses of onmouseover to bypass an XSS protection mechanism...
CVE-2021-41823
The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows certain uses of onmouseover to bypass an XSS protection mechanism...
Security feature bypass
A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2 and Long Term Support (LTS) LMOS before 7.1.35.5 related to Session Management could allow an unauthenticated, remote attacker to bypass security protections, gain system privileges, and execute elevated...
CVE-2018-9091
A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2 and Long Term Support (LTS) LMOS before 7.1.35.5 related to Session Management could allow an unauthenticated, remote attacker to bypass security protections, gain system privileges, and execute elevated...
CVE-2018-9091
A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2 and Long Term Support (LTS) LMOS before 7.1.35.5 related to Session Management could allow an unauthenticated, remote attacker to bypass security protections, gain system privileges, and execute elevated...
CVE-2018-9091
A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2 and Long Term Support (LTS) LMOS before 7.1.35.5 related to Session Management could allow an unauthenticated, remote attacker to bypass security protections, gain system privileges, and execute elevated...
CVE-2018-9091
A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2 and Long Term Support (LTS) LMOS before 7.1.35.5 related to Session Management could allow an unauthenticated, remote attacker to bypass security protections, gain system privileges, and execute elevated...
CVE-2018-9091
CVE-2018-9091 affects Kemp LoadMaster LMOS versions 6.0.44–7.2.41.2 and LMOS LTS prior to 7.1.35.5. The root cause is a session-management flaw that enables an unauthenticated, remote attacker to bypass protections, gain system privileges, and run elevated commands (e.g., ls, ps, cat), potentiall...