CVE-2024-56134

High CVSS: 8.4

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.

This issue affects:

 Product

Affected Versions

LoadMaster

From 7.2.55.0 to 7.2.60.1 (inclusive)

 

From 7.2.49.0 to 7.2.54.12 (inclusive)

 

7.2.48.12 and all prior versions

Multi-Tenant Hypervisor

7.1.35.12 and all prior versions

ECS

All prior versions to 7.2.60.1 (inclusive)

Vendor

Progress

Product

Multi-tenant Loadmaster

CWE

CWE-20

Yayın Tarihi

2025-02-05 18:15:29

Güncelleme

2025-07-31 14:02:39

Source Identifier

security@progress.com

KEV Date Added

Kategoriler

CWE-20 Multi-tenant Loadmaster HIGH Progress 2025

Referanslar

https://community.progress.com/s/article/LoadMaster-Security-Vulnerability-CVE-2024-56131-CVE-2024-56132-CVE-2024-56133-CVE-2024-56134-CVE-2024-56135

Benzer Kayıtlar

Medium

CVE-2026-2878

In Progress® Telerik® UI for AJAX, versions prior to 2026.1.225, an insufficient entropy vulnerability exists in RadAsyn…

High

CVE-2025-13447

OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker…

High

CVE-2025-13444

OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker…

High

CVE-2025-13774

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability…

Low

CVE-2025-11235

Unverified Password Change vulnerability in Progress MOVEit Transfer on Windows (REST API modules).This issue affects MO…

Medium

CVE-2025-13147

Server-Side Request Forgery (SSRF) vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before…