CVE-2024-1212

Published: 21/02/2024 Updated: 22/02/2024

Vulnerability Summary

Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.

Vendor Advisories

Check Point Reference: CPAI-2024-0143 Date Published: 31 Mar 2024 Severity: Critical ...

Exploits

This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Kemp LoadMaster in the authorization header after version 72481. The following versions are patched: 72592 (GA), 72548 (LTSF), and 724810 (LTS) ...
This Metasploit module abuses a feature of the sudo command on Progress Kemp LoadMaster. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. Some files that have this permission are not write-protected from the default bal user. As such, if the file is overwritten with an arbitrary file, i ...

Github Repositories

Unauthenticated Command Injection In Progress Kemp LoadMaster

CVE-2024-1212 Command Injection Exploit for Kemp LoadMaster 🛡️🔓 This Python script is designed as a proof of concept (PoC) to demonstrate an unauthenticated command injection vulnerability in Kemp LoadMaster, identified as CVE-2024-1212. Features 🌟 Scan a single target or multiple targets for the CVE-2024-1212 vulnerability. Execute commands on vulnerable targets. U