CVE-2024-1212 - Progress Kemp LoadMaster OS Command Injection Vulnerability

CVE-2024-1212: Progress | Kemp LoadMaster

Date Added:
2024-11-18

Due Date:
2024-12-09

Vulnerability Name: Progress Kemp LoadMaster OS Command Injection Vulnerability

Description: Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://community.progress.com/s/article/Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212 ; https://nvd.nist.gov/vuln/detail/CVE-2024-1212

Free security scan for your website

Don't show website scan report rating on the leaderboard