14 matches found
Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation
Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added CVE-2024-1212 CVSS score: 10.0, a maximum-severity security...
Kemp LoadMaster Local sudo Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kemp LoadMaster Local sudo privilege escalation', 'Description' = %q This module abuses a feature of the sudo command on Progress Kemp LoadMaster...
Metasploit Weekly Wrap-Up 05/03/24
Dump secrets inline This week, our very own cdelafuente-r7 added a significant improvement to the well-known Windows Secrets Dump module to reduce the footprint when dumping SAM hashes, LSA secrets and cached credentials. The module is now directly reading the Windows Registry remotely without...
Kemp LoadMaster Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kemp LoadMaster Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in...
Kemp LoadMaster Unauthenticated Command Injection
This module exploits an unauthenticated command injection vulnerability in Progress Kemp LoadMaster in the authorization header after vversion 7.2.48.1. The following versions are patched: 7.2.59.2 GA, 7.2.54.8 LTSF and 7.2.48.10 LTS. Module Options msf use...
Progress Kemp LoadMaster Command Injection (CVE-2024-1212)
Binary data progresskemploadmasterCVE-2024-1212.nbin...
Exploit for OS Command Injection in Progress Loadmaster
CVE-2024-1212 Command Injection Exploit for Kemp LoadMaster 🛡️...
CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster
The post CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster appeared first on Rhino Security Labs...
CVE-2024-1212
creationtimestamp| type| source ---|---|--- 2024-02-21 19:21:50+00:00| seen| https://t.me/ctinow/189963 2024-02-22 21:17:34+00:00| seen| https://t.me/arpsyndicate/4053 2024-03-13 10:41:09+00:00| seen| https://t.me/ctinow/206537 2024-03-21 13:36:23+00:00| seen| https://t.me/arpsyndicate/4270...
CVE-2024-1212
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution...
CVE-2024-1212 LoadMaster Pre-Authenticated OS Command Injection
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution...
CVE-2024-1212 LoadMaster Pre-Authenticated OS Command Injection
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution...
CVE-2024-1212
CVE-2024-1212 Affects Progress Kemp LoadMaster. Unauthenticated attackers can trigger arbitrary command execution via the LoadMaster management interface, with exploits and PoCs published (e.g., through OS command injection on the /access/set endpoint). Public references show active exploitation ...
CVE-2024-1212
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...