Summary: Progress has released a security advisory outlining multiple vulnerabilities affecting all current LoadMaster releases, which could allow authenticated attackers to execute arbitrary commands or download sensitive files. The vulnerabilities arise from improper input validation and impact several specific LoadMaster versions. Customers are urged to upgrade their systems to patched versions to mitigate the risks involved.
Affected: Progress LoadMaster systems
Keypoints :
- Vulnerabilities identified as CVE-2024-56131 to CVE-2024-56135.
- Improper input validation allows authenticated access to execute arbitrary commands.
- Affected versions include LoadMaster 7.2.48.12 and prior, and several versions up to 7.2.60.1.
- Progress has not received reports of exploitation, but customers are advised to upgrade immediately.
- Patching includes input sanitization to prevent command execution.
- Downloads for patched firmware are available in the Progress Knowledge Base.
Source: https://securityonline.info/progress-loadmaster-security-update-multiple-vulnerabilities-addressed/