CVE-2024-56135

Summary

CVE-2024-56135 is a newly disclosed vulnerability affecting Authenticated Users of Progress LoadMaster. This issue stems from an Improper Input Validation flaw, which permits OS Command Injection. The affected product versions include LoadMaster from 7.2.55.0 to 7.2.60.1, and ECS from all prior versions to 7.2.60.1. Specifically, this vulnerability can be exploited in LoadMaster from 7.2.55.0 to 7.2.60.1 (inclusive) and in ECS from all prior versions. Older versions of LoadMaster, including 7.2.49.0 to 7.2.54.12 (inclusive), and 7.2.48.12 and all prior versions, are also vulnerable. This flaw can potentially lead to significant security risks if not addressed promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.