Lucene search
K

14 matches found

The Hacker News
The Hacker News
added 2024/11/19 6:31 a.m.20 views

Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation

Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added CVE-2024-1212 CVSS score: 10.0, a maximum-severity security...

10CVSS9AI score0.95388EPSS
Exploits12
Packet Storm
Packet Storm
added 2024/05/13 12:0 a.m.250 views

Kemp LoadMaster Local sudo Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kemp LoadMaster Local sudo privilege escalation', 'Description' = %q This module abuses a feature of the sudo command on Progress Kemp LoadMaster...

10CVSS7.4AI score0.95388EPSS
Exploits9
Rapid7 Blog
Rapid7 Blog
added 2024/05/03 6:29 p.m.32 views

Metasploit Weekly Wrap-Up 05/03/24

Dump secrets inline This week, our very own cdelafuente-r7 added a significant improvement to the well-known Windows Secrets Dump module to reduce the footprint when dumping SAM hashes, LSA secrets and cached credentials. The module is now directly reading the Windows Registry remotely without...

7.5CVSS9.6AI score0.95388EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/04/29 12:0 a.m.411 views

Kemp LoadMaster Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kemp LoadMaster Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in...

10CVSS7.4AI score0.95388EPSS
Exploits9
Metasploit
Metasploit
added 2024/04/27 7:54 p.m.259 views

Kemp LoadMaster Unauthenticated Command Injection

This module exploits an unauthenticated command injection vulnerability in Progress Kemp LoadMaster in the authorization header after vversion 7.2.48.1. The following versions are patched: 7.2.59.2 GA, 7.2.54.8 LTSF and 7.2.48.10 LTS. Module Options msf use...

10CVSS8.7AI score0.95388EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2024/03/25 12:0 a.m.45 views

Progress Kemp LoadMaster Command Injection (CVE-2024-1212)

Binary data progresskemploadmasterCVE-2024-1212.nbin...

10CVSS9.6AI score0.95388EPSS
Exploits9References3
GithubExploit
GithubExploit
added 2024/03/19 10:23 p.m.760 views

Exploit for OS Command Injection in Progress Loadmaster

CVE-2024-1212 Command Injection Exploit for Kemp LoadMaster 🛡️...

10CVSS10AI score0.95388EPSS
Exploits9
Rhino Security Labs
Rhino Security Labs
added 2024/03/19 2:0 p.m.29 views

CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster

The post CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster appeared first on Rhino Security Labs...

10CVSS9.8AI score0.95388EPSS
Exploits9
Circl
Circl
added 2024/02/21 7:21 p.m.48 views

CVE-2024-1212

creationtimestamp| type| source ---|---|--- 2024-02-21 19:21:50+00:00| seen| https://t.me/ctinow/189963 2024-02-22 21:17:34+00:00| seen| https://t.me/arpsyndicate/4053 2024-03-13 10:41:09+00:00| seen| https://t.me/ctinow/206537 2024-03-21 13:36:23+00:00| seen| https://t.me/arpsyndicate/4270...

10CVSS7.5AI score0.95388EPSS
In wildExploits9References30
NVD
NVD
added 2024/02/21 6:15 p.m.16 views

CVE-2024-1212

Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution...

10CVSS9.7AI score0.95388EPSS
Exploits9References5
Cvelist
Cvelist
added 2024/02/21 5:39 p.m.38 views

CVE-2024-1212 LoadMaster Pre-Authenticated OS Command Injection

Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution...

10CVSS9.8AI score0.95388EPSS
Exploits9References4
Vulnrichment
Vulnrichment
added 2024/02/21 5:39 p.m.18 views

CVE-2024-1212 LoadMaster Pre-Authenticated OS Command Injection

Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution...

10CVSS9.2AI score0.95388EPSS
Exploits9References4
CVE
CVE
added 2024/02/21 5:39 p.m.267 views

CVE-2024-1212

CVE-2024-1212 Affects Progress Kemp LoadMaster. Unauthenticated attackers can trigger arbitrary command execution via the LoadMaster management interface, with exploits and PoCs published (e.g., through OS command injection on the /access/set endpoint). Public references show active exploitation ...

10CVSS9.2AI score0.95388EPSS
In wildExploits9References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2024/02/21 12:0 a.m.18 views

CVE-2024-1212

Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

10CVSS7.2AI score0.95388EPSS
In wildExploits9References5
Rows per page
Query Builder