๐Ÿ” CVE Alert

CVE-2024-1212

CRITICAL 10.0 ⚠️ CISA KEV

LoadMaster Pre-Authenticated OS Command Injection

CVSS Score: 10.0
EPSS Score: 0.0%
EPSS Percentile: 0th

Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.

CWE: CWE-78
Vendor: progress software
Product: loadmaster
Published: Feb 21, 2024
Last Updated: Oct 21, 2025
⚠️ Actively Exploited: Act Now

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Affected Versions

Progress Software / LoadMaster
7.2.48.1 < 7.2.48.10
7.2.54.0 < 7.2.54.8
7.2.55.0 < 7.2.59.2

References

kemptechnologies.com: https://kemptechnologies.com/
freeloadbalancer.com: https://freeloadbalancer.com/
support.kemptechnologies.com: https://support.kemptechnologies.com/hc/en-us/articles/24325072850573-Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212
support.kemptechnologies.com: https://support.kemptechnologies.com/hc/en-us/articles/23878931058445-LoadMaster-Security-Vulnerability-CVE-2024-1212
cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-1212

Credits

Rhino Security Labs