Vulnerability Details CVE-2014-5287
A Bash script injection vulnerability exists in Kemp Load Master 7.1-16 and earlier due to a failure to sanitize input in the Web User Interface (WUI).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.139
EPSS Ranking 94.0%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- http://packetstormsecurity.com/files/131284/Kemp-Load-Master-7.1-16-CSRF-XSS-DoS-Code-Execution.html
- https://www.exploit-db.com/exploits/36609/
- https://www.fxc.jp/news/Product_Overview-LoadMaster_Release_Notes.pdf
- http://packetstormsecurity.com/files/131284/Kemp-Load-Master-7.1-16-CSRF-XSS-DoS-Code-Execution.html
- https://www.exploit-db.com/exploits/36609/
- https://www.fxc.jp/news/Product_Overview-LoadMaster_Release_Notes.pdf
Products affected by CVE-2014-5287
-
cpe:2.3:a:kemptechnologies:loadmaster:7.0-10
-
cpe:2.3:a:kemptechnologies:loadmaster:7.0-4
-
cpe:2.3:a:kemptechnologies:loadmaster:7.0-6
-
cpe:2.3:a:kemptechnologies:loadmaster:7.0-7
-
cpe:2.3:a:kemptechnologies:loadmaster:7.0-8
-
cpe:2.3:a:kemptechnologies:loadmaster:7.1-16