Unrated severityCISA KEVNVD Advisory· Published Feb 21, 2024· Updated Oct 21, 2025
LoadMaster Pre-Authenticated OS Command Injection
CVE-2024-1212
Description
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Progress Software/LoadMasterv5Range: 7.2.48.1
Patches
Vulnerability mechanics
References
4- support.kemptechnologies.com/hc/en-us/articles/23878931058445-LoadMaster-Security-Vulnerability-CVE-2024-1212mitrevendor-advisory
- support.kemptechnologies.com/hc/en-us/articles/24325072850573-Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212mitrevendor-advisory
- freeloadbalancer.commitreproduct
- kemptechnologies.commitreproduct
News mentions
2- Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation AttemptsThe Hacker News · Jul 1, 2026
- Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-AuthThe Hacker News · Jun 30, 2026