ET WEB_SPECIFIC_APPS Progress Kemp LoadMaster Unauthenticated Command Injection (CVE-2024-7591)

SID: 2062294Rev: 145 views
Sourceet/open
CreatedMay 13, 2025
UpdatedMay 13, 2025
Classificationweb-application-attack
alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Progress Kemp LoadMaster Unauthenticated Command Injection (CVE-2024-7591)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/progs/status/login"; fast_pattern; http.request_body; content:"pass|3d|"; pcre:"/^[^\x26\s]*?(?:[\x3b\x24\x27\x60\x7c]|\x25(?:3[bB]|2[47]|60|7[cC]))/R"; reference:url,insinuator.net/2024/11/vulnerability-disclosure-command-injection-in-kemp-loadmaster-load-balancer-cve-2024-7591; reference:cve,2024-7591; classtype:web-application-attack; sid:2062294; rev:1; metadata:affected_product Progress_Kemp_Loadmaster, attack_target Server, created_at 2025_05_13, cve CVE_2024_7591, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, tag Exploit, updated_at 2025_05_13, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application; target:dest_ip;)

References

urlinsinuator.net/2024/11/vulnerability-disclosure-command-injection-in-kemp-loadmaster-load-balancer-cve-2024-7591
cve2024-7591

Metadata

affected productProgress_Kemp_Loadmaster
attack targetServer
created at2025_05_13
deploymentInternal
confidenceHigh
signature severityMajor
tagExploit
updated at2025_05_13
mitre tactic idTA0001
mitre tactic nameInitial_Access
mitre technique idT1190
mitre technique nameExploit_Public_Facing_Application

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!