Description
Due to a command injection vulnerability in Kemp LoadMaster, an unauthenticated attacker can execute arbitrary OS commands with a specially crafted HTTP request.
Remediation
Upgrade to the latest version of Kemp LoadMaster.
References
LoadMaster Security Vulnerability CVE-2024-1212
CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster