PULSE
EN VIVO37señales / 24h
FEED
ransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Foundransomthegentlemen reclama a Tangram Interiors · GB · Business Servicesransomthegentlemen reclama a BRAC · BD · Business Servicesransomthegentlemen reclama a Customs Watch · US · Public Sectorransomthegentlemen reclama a Gallant · FI · Not Foundransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Foundransomthegentlemen reclama a Tangram Interiors · GB · Business Servicesransomthegentlemen reclama a BRAC · BD · Business Servicesransomthegentlemen reclama a Customs Watch · US · Public Sectorransomthegentlemen reclama a Gallant · FI · Not Found
← Todos los CVEs
CVE Watch13 jul 2026

CVE-2024-1212

Progress Kemp LoadMaster OS Command Injection Vulnerability

CVSS

10.0

Crítico

EPSS

95.4%

p100

KEV

18 nov 2024

Exploit Today

80

0-100

Publicado: 21 feb 2024 · Última mod.: 13 jul 2026 · CWE-78

EPSS · 30d
95.4%EPSS · 30 días95.4%
2026-06-302026-07-16
Ficha del catálogo KEV

Producto

Progress / Kemp LoadMaster

Vulnerabilidad

Progress Kemp LoadMaster OS Command Injection Vulnerability

Añadido a KEV

18 nov 2024

Remediar antes de

9 dic 2024

Uso conocido en ransomware

No

Descripción resumida

Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution.

Acción requerida

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notas

https://community.progress.com/s/article/Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212 ; https://nvd.nist.gov/vuln/detail/CVE-2024-1212

Descripción técnica

Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.

Referencias oficiales
CVEs relacionados
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2026-341978.8 ALT
99.9%
KEV80Apache ActiveMQ Improper Input Validation Vulnerability2d
CVE-2022-262589.8 CRÍ
99.6%
KEV80D-Link DIR-820L Remote Code Execution Vulnerability7d
CVE-2026-422718.8 ALT
99.6%
KEV80BerriAI LiteLLM Command Injection Vulnerability2d
CVE-2021-252988.8 ALT
99.5%
KEV80Nagios XI OS Command Injection7d
CVE-2021-252978.8 ALT
98.9%
KEV80Nagios XI OS Command Injection7d
CVE-2023-463599.8 CRÍ
99.5%
30An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature.8d