Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation Attempts

Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation Attempts
Active exploitation attempts have been observed against CVE-2026-8037 in Progress Kemp LoadMaster, a critical OS command injection flaw that can enable unauthenticated remote code execution. Although the observed attacks failed, the release of PoC details is likely to accelerate further malicious activity against the affected appliance. #ProgressKempLoadMaster #CVE-2026-8037 #eSentire #watchTowrLabs

Keypoints

  • eSentire TRU observed active exploitation attempts against CVE-2026-8037.
  • The flaw affects Progress Kemp LoadMaster and allows command injection.
  • Successful exploitation could let an unauthenticated attacker run arbitrary commands.
  • watchTowr Labs linked the issue to improper input handling in the escape_quotes() function.
  • The attack attempts came from 192.42.116[.]58, 192.42.116[.]105, and 146.70.139[.]154.

Read More: https://thehackernews.com/2026/07/latest-progress-kemp-loadmaster-pre.html