CVE-2024-1212 - Progress Kemp LoadMaster OS Command Injection Vulnerability

: Progress | Kemp LoadMaster

Date Added:
2024-11-18

Due Date:
2024-12-09

Vulnerability Name: Progress Kemp LoadMaster OS Command Injection Vulnerability

Description: Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://community.progress.com/s/article/Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212 ; https://nvd.nist.gov/vuln/detail/CVE-2024-1212

Related News Articles: CISA tags Progress Kemp LoadMaster flaw as exploited in attacksNovember 20, 2024

Free online web security scanner

Don't show website scan report rating on the leaderboard