Latest Cyber Security News

You are here: Home / General Cyber Security News / Progress Software Patches High-Severity LoadMaster Flaws Affecting Multiple Versions
February 11, 2025

Progress Software has addressed multiple high-severity security flaws in its LoadMaster software that could be exploited by malicious actors to execute arbitrary system commands or download any file from the system.

Kemp LoadMaster is a high-performance application delivery controller (ADC) and load balancer that provides availability, scalability, performance, and security for business-critical applications and websites.

The identified vulnerabilities are listed below –

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


  • CVE-2024-56131, CVE-2024-56132, CVE-2024-56133, and CVE-2024-56135 (CVSS scores: 8.4) – A set of improper input validation vulnerabilities that allows remote malicious actors who gain access to the management interface of LoadMaster and successfully authenticate to execute arbitrary system commands via a carefully crafted HTTP request
  • CVE-2024-56134 (CVSS score: 8.4) – An improper input validation vulnerability that allows remote malicious actors who gain access to the management interface of LoadMaster and successfully authenticate to download the content of any file on the system via a carefully crafted HTTP request

Cybersecurity

The following versions of the software are affected by the flaws –

  • LoadMaster versions from 7.2.55.0 to 7.2.60.1 (inclusive) - Fixed in 7.2.61.0 (GA)
  • LoadMaster versions from 7.2.49.0 to 7.2.54.12 (inclusive) – Fixed in 7.2.54.13 (LTSF)
  • LoadMaster version 7.2.48.12 and prior – Upgrade to LTSF or GA
  • Multi-Tenant LoadMaster version 7.1.35.12 and prior – Fixed in 7.1.35.13 (GA)

Progress Software noted that it has no evidence that any of the aforementioned vulnerabilities have been exploited in the wild. That said, with previously disclosed flaws weaponized by threat actors in the past, it’s essential that customers apply the latest patches for optimal protection.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.


Some parts of this article are sourced from:
thehackernews.com

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *