
CVE-2024-1212

LoadMaster Pre-Authenticated OS Command Injection

Published: Feb 21, 2024 | Updated: Feb 26, 2026 | Sources: CVE List, NVD, BDU | Weakness: CWE-78

Description

Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.

In plain language

Urgency: Act now (AI-generated summary)

CVE-2024-1212 is a critical flaw in LoadMaster: anyone who can reach the management interface over the network can send a crafted request and run operating-system commands on the device, with no login required. If your LoadMaster management interface is reachable from the internet or any other untrusted network, treat this as an emergency and upgrade or restrict access immediately.

Executive summary

Unauthenticated, network-reachable command injection in the LoadMaster management interface allows arbitrary system command execution (CWE-78) with no user interaction. CISA lists it in the Known Exploited Vulnerabilities catalog on the basis of real-world exploitation, with a remediation deadline of 2024-12-09.

If affected, business impact

  - Full device takeover
  - Malware and persistence
  - Service outage
  - Data theft from the device

What to do now

  1. Check whether the LoadMaster management interface is reachable from the internet or from other untrusted networks. Confirm any firewall rule or port-forward that exposes it, not just the listening address configured on the device.
  2. Upgrade to a fixed release: 7.2.48.10 (LTS), 7.2.54.8, or 7.2.59.2, using the highest version your environment supports. If the interface is reachable from untrusted networks, do this immediately.
  3. If you cannot upgrade right away, apply the mitigation steps in the Kemp Technologies security advisory and restrict access to the management interface to trusted administrative networks only.
  4. After the change, verify from an untrusted vantage point that the management interface is no longer reachable, and monitor the device for suspicious activity.
Remediation effort: usually a quick update
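The steps above are straightforward for one appliance but tedious across a fleet. The following is an added example, not code from the page or from Progress/Kemp: it triages a small inventory against the fixed builds listed in step 2, flagging unpatched devices and ranking those whose management interface is reachable from untrusted networks first. It assumes (hypothetically) that a build is fixed when it is at or above the fixed release for its branch, or at or above 7.2.59.2 on any newer branch; the CSV inventory format and host names are constructed for the example.

```python
"""Triage a LoadMaster inventory against the CVE-2024-1212 fixed releases.

Added example, not the page's or Progress/Kemp's own code. Assumptions
(hypothetical): a device is fixed when its version is at or above the
fixed build for its branch (7.2.48.10, 7.2.54.8, 7.2.59.2) or at or above
7.2.59.2 on any newer branch; the CSV inventory format and the host names
are constructed for this example.
"""
from __future__ import annotations

# Fixed builds named in the remediation steps, keyed by release branch.
FIXED_BY_BRANCH = {
    (7, 2, 48): (7, 2, 48, 10),   # LTS branch
    (7, 2, 54): (7, 2, 54, 8),
    (7, 2, 59): (7, 2, 59, 2),
}
NEWEST_FIXED = max(FIXED_BY_BRANCH.values())


def parse_version(text: str) -> tuple[int, int, int, int]:
    """Turn '7.2.59.1' into a comparable tuple; reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised LoadMaster version: {text!r}")
    a, b, c, d = (int(p) for p in parts)
    return (a, b, c, d)


def is_fixed(version: str) -> bool:
    """True when the running build already contains the fix (assumption above)."""
    v = parse_version(version)
    fixed_for_branch = FIXED_BY_BRANCH.get(v[:3])
    if fixed_for_branch is not None:
        return v >= fixed_for_branch
    # Branches with no fixed build (e.g. 7.2.50.x) must move to a fixed
    # branch; anything newer than 7.2.59.2 is assumed to carry the fix.
    return v >= NEWEST_FIXED


def upgrade_target(version: str) -> str:
    """Fixed build to move to: same branch if one exists, else the newest."""
    v = parse_version(version)
    target = FIXED_BY_BRANCH.get(v[:3], NEWEST_FIXED)
    return ".".join(str(n) for n in target)


# Constructed inventory: host, running version, and whether the management
# interface is reachable from the internet or another untrusted network.
INVENTORY = """\
# host,version,mgmt_reachable_from_untrusted
lb-edge-01,7.2.59.1,yes
lb-edge-02,7.2.59.2,yes
lb-core-01,7.2.54.5,no
lb-lts-01,7.2.48.10,no
lb-lab-01,7.2.50.3,yes
"""


def triage(inventory: str) -> list[dict]:
    """Return the devices still needing action, most urgent first."""
    findings = []
    for line in inventory.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, version, reachable = (f.strip() for f in line.split(","))
        if is_fixed(version):
            continue  # already on a fixed build: nothing to do
        exposed = reachable.lower() == "yes"
        findings.append({
            "host": host,
            "version": version,
            "exposed": exposed,
            # Reachable + unauthenticated RCE on a KEV entry: treat as P1.
            "priority": "P1-emergency" if exposed else "P2-patch",
            "upgrade_to": upgrade_target(version),
        })
    findings.sort(key=lambda f: (f["priority"], f["host"]))
    return findings


if __name__ == "__main__":
    for f in triage(INVENTORY):
        print(f"{f['priority']:<13} {f['host']:<12} {f['version']:<10} -> {f['upgrade_to']}")
```

Feed it your real inventory in place of the constructed one; the reachability column should come from an external scan or the firewall and NAT configuration, not from the appliance's own settings, since the point of step 1 is to confirm what an attacker can actually reach.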

CVSS Vector Breakdown

Vector (CVSS v3.x): AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Exploitability
  AV:N  Attack Vector        Network
  AC:L  Attack Complexity    Low
  PR:N  Privileges Required  None
  UI:N  User Interaction     None
Scope
  S:C   Scope                Changed
Impact
  C:H   Confidentiality      High
  I:H   Integrity            High
  A:H   Availability         High

Weaknesses

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Affected Products

Progress Software Corporation (commercial, US; vendor record also lists whatsup gold, loadmaster, moveit transfer)
progress (commercial, CA; vendor record also lists moveit transfer, ws ftp server, whatsup gold)

Exploitability

CISA Known Exploited Vulnerability
Added to KEV:Nov 18, 2024
Remediation due:Dec 9, 2024

Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

1 exploit source identified

Official Patch Available


MITRE ATT&CK

1 technique mapped, under the Execution tactic.

