Improper Input Validation in Progress LoadMaster Leading to OS Command Injection
CVE-2024-56132
What is CVE-2024-56132?
The vulnerability in Progress LoadMaster arises from insufficient input validation for authenticated users, which may enable an attacker to perform OS command injection. This flaw can expose systems to unauthorized command execution, posing serious security risks. Affected versions include LoadMaster ranging from 7.2.55.0 to 7.2.60.1, as well as earlier versions including 7.2.49.0 to 7.2.54.12 and 7.2.48.12. Corrective measures should be taken promptly to mitigate potential exploits.
Affected Version(s)
LoadMaster All Previous Versions < 7.2.61.0
News Articles
Progress Software Patches High-Severity LoadMaster Flaws Affecting Multiple Versions
Progress Software fixes high-severity LoadMaster flaws (CVSS 8.4) enabling command execution and file access. Affected users must update immediately.
Critical Flaw in Progress LoadMaster Allows Attackers to Execute System Commands
 A series of critical security vulnerabilities have been identified in Progress Software's LoadMaster application, potentially allowing remote attackers to execute system commands or access sensitive files.