Summary: Progress Software has resolved multiple high-severity security vulnerabilities in its LoadMaster software that could allow malicious actors to execute commands or download files from the system. These flaws, identified by CVEs with high CVSS scores, impact various versions of the software. While no evidence of exploitation has been found, users are strongly urged to update to the latest versions for optimal security.
Affected: Progress Software LoadMaster
Keypoints :
- Multiple vulnerabilities (CVE-2024-56131, CVE-2024-56132, CVE-2024-56133, CVE-2024-56135) enable execution of arbitrary commands through improper input validation.
- CVE-2024-56134 allows for unauthorized file downloads under similar conditions.
- Affected versions include LoadMaster 7.2.55.0 to 7.2.60.1, with fixes in versions 7.2.61.0 (GA) and 7.2.54.13 (LTSF).
- Users should apply the latest patches since previous vulnerabilities have been weaponized in the past.
Source: https://thehackernews.com/2025/02/progress-software-patches-high-severity.html