CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-2448

An OS command injection vulnerability has been identified in LoadMaster. An authenticated UI user with any permission settings may be able to inject commands into a UI component using a shell command resulting in OS command injection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.383

EPSS Ranking 97.1%

CVSS Severity

CVSS v3 Score 8.4

References

https://progress.com/loadmaster
https://support.kemptechnologies.com/hc/en-us/articles/25119767150477-LoadMaster-Security-Vulnerabilities-CVE-2024-2448-and-CVE-2024-2449
https://progress.com/loadmaster
https://support.kemptechnologies.com/hc/en-us/articles/25119767150477-LoadMaster-Security-Vulnerabilities-CVE-2024-2448-and-CVE-2024-2449

Products affected by CVE-2024-2448

Progress » Loadmaster » Version: Any

cpe:2.3:a:progress:loadmaster:*
Progress » Loadmaster » Version: 7.1.35.10

cpe:2.3:a:progress:loadmaster:7.1.35.10
Progress » Loadmaster » Version: 7.2.48.10

cpe:2.3:a:progress:loadmaster:7.2.48.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-2448

Products

Pricing

Contact Us