漏洞描述
Progress Kemp LoadMaster是一款负载均衡和应用交付控制器,由Progress Software Corporation(前身为Kemp Technologies)开发和提供。Progress Kemp LoadMaster存在命令注入漏洞,未经身份验证的远程攻击者可以通过 LoadMaster 管理界面访问系统,从而实现任意系统命令执行。
Progress Kemp LoadMaster /access/set 远程命令执行漏洞(CVE-2024-1212)
PoC代码
暂无相关漏洞推荐
- Progress Chef Automate /api/v0/compliance/profiles/search SQL 注入漏洞(CVE-2025-8868)
- Progress Telerik Report Server /Startup/Register 未授权访问漏洞(CVE-2024-4358)
- POC CVE-2024-1212: Progress Kemp LoadMaster - Command Injection
- POC CVE-2024-2389: Progress Kemp Flowmon - Command Injection
- POC CVE-2024-4358: Progress Telerik Report Server - Authentication Bypass
- POC CVE-2024-4885: Progress Software WhatsUp Gold GetFileWithoutZip Directory Traversal - Remote Code Execution
- POC CVE-2024-7591: Kemp LoadMaster Load Balancer - Unauthenticated Command Injection
- POC CVE-2024-2389: Progress Flowmon rce
- Progress Software Flowmon /service.pdfs/confluence 代码执行漏洞(CVE-2024-2389)
- Progress Telerik Report Server 数据类型转换错误 可致远程代码执行
- Progress LoadMaster 输入验证不当漏洞 可致命令执行
- Progress MOVEit Transfer 身份验证绕过漏洞
- Progress Kemp LoadMaster CVE-2024-2448 命令注入漏洞