CVSS: 8.4EPSS: 1%CPEs: 3EXPL: 0CVE-2024-6658 – Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection.
https://notcve.org/view.php?id=CVE-2024-6658
12 Sep 2024 — Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection.This issue affects: Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.0 (inclusive) From 7.2.49.0 to 7.2.54.11 (inclusive) 7.2.48.12 and all prior versions Multi-Tenant Hypervisor 7.1.35.11 and all prior versions ECS All prior versions to 7.2.60.0 (inclusive) • https://support.kemptechnologies.com/hc/en-us/articles/28910587250701 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-29929
https://notcve.org/view.php?id=CVE-2023-29929
21 Aug 2024 — Buffer Overflow vulnerability found in Kemptechnologies Loadmaster before v.7.2.60.0 allows a remote attacker to casue a denial of service via the libkemplink.so, isreverse library. • https://github.com/YSaxon/CVE-2023-29929 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2018-9091
https://notcve.org/view.php?id=CVE-2018-9091
25 May 2018 — A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2 and Long Term Support (LTS) LMOS before 7.1.35.5 related to Session Management could allow an unauthenticated, remote attacker to bypass security protections, gain system privileges, and execute elevated commands such as ls, ps, cat, etc., thereby compromising the system. Through this remote execution, in certain cases, exposure of sensitive system data such as certificates, private keys, and other information ma... • https://support.kemptechnologies.com/hc/en-us/articles/360001982452-Mitigation-for-Remote-Access-Execution-Vulnerability •
CVSS: 8.8EPSS: 13%CPEs: 1EXPL: 3CVE-2014-5287 – Kemp Load Master 7.1.16 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2014-5287
03 Apr 2015 — A Bash script injection vulnerability exists in Kemp Load Master 7.1-16 and earlier due to a failure to sanitize input in the Web User Interface (WUI). Existe una vulnerabilidad de inyección de script Bash en Kemp Load Master versión 7.1-16 y anteriores, debido a un fallo en el saneamiento de la entrada en la Interfaz de Usuario Web (WUI). Kemp Load Master version 7.1-16 suffers from code execution, cross site request forgery, cross site scripting, and denial of service vulnerabilities. • https://packetstorm.news/files/id/131284 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •