A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance by sending a crafted request to its API. The flaw, tracked asCVE-2026-8037, carries a CVSS score of9.8 according to ZDI. A patch is available. If you run LoadMaster with the API enabled, update now. Progresspublished its advisory on June
Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth
The Hacker News - 30 Jun 2026 13:08
A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance by sending a crafted request to its API. The flaw, tracked asCVE-2026-8037, carries a CVSS score of9.8 according to ZDI. A patch is available. If you run LoadMaster with the API enabled, update now. Progresspublished its advisory on June
Share this Article
Recommended