Progress LoadMaster OS Command Injection Vulnerability

Vulnerability

A command injection vulnerability has been identified in Progress LoadMaster. An authenticated user can inject OS commands through the management interface and have them executed as arbitrary system commands. The vulnerability is present in LoadMaster versions 7.2.55.0 to 7.2.60.1 (inclusive), 7.2.49.0 to 7.2.54.12 (inclusive), 7.2.48.12, and all prior versions. Additionally, all versions prior to 7.2.60.1 (inclusive) of the LoadMaster Multi-Tenant (MT) hypervisor are affected.

Impact

Exploitation of this vulnerability allows authenticated users to execute arbitrary system commands on the LoadMaster appliance.

Remediation

To address this vulnerability, users should upgrade to LoadMaster version 7.2.61.0 (GA) or 7.2.54.13 (LTSF). For LoadMaster Multi-Tenant (MT), upgrade to version 7.1.35.13 (GA). Instructions for upgrading LoadMaster firmware are available in the Kemp Technologies Knowledge Base.
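To triage an appliance inventory against the affected ranges listed above, the following added example (not Progress or Kemp code) classifies standard LoadMaster firmware version strings; the host names and inventory are constructed, and LoadMaster MT builds are out of scope for it.

```python
import re

# Affected ranges for standard LoadMaster as listed in this advisory
# (bounds inclusive). "7.2.48.12 and all prior" becomes an open lower bound.
AFFECTED_RANGES = [
    ((0, 0, 0, 0), (7, 2, 48, 12)),
    ((7, 2, 49, 0), (7, 2, 54, 12)),
    ((7, 2, 55, 0), (7, 2, 60, 1)),
]
FIX = "7.2.61.0 (GA) or 7.2.54.13 (LTSF)"  # remediation stated in the advisory

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Return a 4-tuple of ints, or None if the string is not a.b.c.d."""
    m = VERSION_RE.fullmatch(text.strip())
    return tuple(int(g) for g in m.groups()) if m else None

def classify(version_text):
    """'affected', 'not_listed', or 'unknown' (unparseable, check by hand)."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"
    # Tuples compare numerically per field, so 7.2.54.9 < 7.2.54.12
    # (a plain string comparison would get this wrong).
    if any(low <= v <= high for low, high in AFFECTED_RANGES):
        return "affected"
    return "not_listed"

def triage(inventory):
    """Group host names by classification of their reported firmware."""
    report = {"affected": [], "not_listed": [], "unknown": []}
    for host, version in inventory.items():
        report[classify(version)].append(host)
    return report

# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE_INVENTORY = {
    "lm-edge-01": "7.2.60.1", "lm-edge-02": "7.2.61.0",
    "lm-dc-01": "7.2.54.9", "lm-dc-02": "7.2.54.13",
    "lm-lab-01": "7.2.48.4", "lm-lab-02": "7.2.x",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        note = f" -> upgrade to {FIX}" if status == "affected" and hosts else ""
        print(f"{status}: {', '.join(hosts) or '-'}{note}")
```

Hosts reported as `unknown` should be checked manually rather than assumed safe, since an unparseable version string says nothing about exposure.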

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 5.2
impact: 10.0
exploitability: 5.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.