03/02/2026

ZDI-26-052: Progress Software Kemp LoadMaster getcipherset Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2025-13444.

Comments are closed.

You may also like

ZDI-26-101: Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability

ZDI-25-1174: Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability