Vulnerability Details CVE-2024-1212
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.944
EPSS Ranking 100.0%
CVSS Severity
CVSS v3 Score 10.0
Proposed Action
Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution.
Ransomware Campaign
Unknown
References
- https://freeloadbalancer.com/
- https://kemptechnologies.com/
- https://support.kemptechnologies.com/hc/en-us/articles/23878931058445-LoadMaster-Security-Vulnerability-CVE-2024-1212
- https://support.kemptechnologies.com/hc/en-us/articles/24325072850573-Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212
- https://freeloadbalancer.com/
- https://kemptechnologies.com/
- https://support.kemptechnologies.com/hc/en-us/articles/23878931058445-LoadMaster-Security-Vulnerability-CVE-2024-1212
- https://support.kemptechnologies.com/hc/en-us/articles/24325072850573-Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212
Products affected by CVE-2024-1212
-
cpe:2.3:a:progress:loadmaster:7.2.48.1
-
cpe:2.3:a:progress:loadmaster:7.2.48.2
-
cpe:2.3:a:progress:loadmaster:7.2.48.3
-
cpe:2.3:a:progress:loadmaster:7.2.48.4
-
cpe:2.3:a:progress:loadmaster:7.2.48.5
-
cpe:2.3:a:progress:loadmaster:7.2.48.6
-
cpe:2.3:a:progress:loadmaster:7.2.48.7
-
cpe:2.3:a:progress:loadmaster:7.2.48.8
-
cpe:2.3:a:progress:loadmaster:7.2.48.9
-
cpe:2.3:a:progress:loadmaster:7.2.54.0
-
cpe:2.3:a:progress:loadmaster:7.2.54.1
-
cpe:2.3:a:progress:loadmaster:7.2.54.2
-
cpe:2.3:a:progress:loadmaster:7.2.54.2.21253
-
cpe:2.3:a:progress:loadmaster:7.2.54.3
-
cpe:2.3:a:progress:loadmaster:7.2.54.4
-
cpe:2.3:a:progress:loadmaster:7.2.54.5
-
cpe:2.3:a:progress:loadmaster:7.2.54.6
-
cpe:2.3:a:progress:loadmaster:7.2.54.7
-
cpe:2.3:a:progress:loadmaster:7.2.55.0
-
cpe:2.3:a:progress:loadmaster:7.2.56.0
-
cpe:2.3:a:progress:loadmaster:7.2.57.0
-
cpe:2.3:a:progress:loadmaster:7.2.58.0
-
cpe:2.3:a:progress:loadmaster:7.2.59.0
-
cpe:2.3:a:progress:loadmaster:7.2.59.1