Progress Software has released an emergency patch for a critical #vulnerability (CVE-2024-7591) in its #LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products. This flaw, with a maximum severity score of 10/10, allows remote attackers to execute arbitrary commands via a crafted #HTTP request due to improper input validation. The vulnerability affects LoadMaster version 7.2.60.0 and earlier, as well as MT Hypervisor version 7.1.35.11 and earlier, including Long-Term Support (LTS) branches. A fix has been issued through an add-on package, though it does not cover the free version of LoadMaster. While no exploitation reports have been received, users are urged to apply the patch and follow security hardening practices to safeguard their systems.
Disclaimer: Includes third-party opinions. No financial advice. May include sponsored content.See T&Cs.