CVE-2025-1758

Published Mar 19, 2025

Last updated 7 months ago

CVSS medium 4.3

Overview

Description
Improper Input Validation vulnerability in Progress LoadMaster allows : Buffer OverflowThis issue affects: * LoadMaster: 7.2.40.0 and above * ECS: All versions * Multi-Tenancy: 7.1.35.4 and above
Source
security@progress.com
NVD status
Analyzed
Products
multi-tenant_loadmaster, loadmaster

Risk scores

CVSS 3.1

Type
Primary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

security@progress.com
CWE-121

Social media

Hype score
Not currently trending

  1. The following vulnerabilities have been added to our feed: - CVE-2025-32756: multiple Fortinet products Buffer Overflow RCE - CVE-2025-47955: Windows RasMan LPE - CVE-2025-1758: Kemp LoadMaster Stack Overflow DoS https://t.co/Nw6eZdt4CA https://t.co/85uWHVU04L

    @crowdfense

    26 Jun 2025

    7113 Impressions

    7 Retweets

    35 Likes

    21 Bookmarks

    0 Replies

    2 Quotes

  2. ⚠️ Vulnerability Alert: Critical Buffer Overflow in Kemp LoadMaster 📅 Timeline: Disclosure: 2025-03-19, Patch: 2025-03-23 📌 Attribution: Nicholas Zubrisky (@NZubrisky), Trend Micro Security Research 🆔cveId: CVE-2025-1758 📊baseScore: 9.8 📏cvssMetrics:

    @syedaquib77

    23 Mar 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-1758: Critical Buffer Overflow in Kemp LoadMaster Opens Door to Remote Code Execution Learn about CVE-2025-1758, a critical vulnerability in Kemp LoadMaster that enables remote code execution on affected systems. https://t.co/RW2jHwvJg6

    @the_yellow_fall

    23 Mar 2025

    665 Impressions

    7 Retweets

    5 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-1758 Improper Input Validation vulnerability in Progress LoadMaster allows : Buffer OverflowThis issue affects: * LoadMaster: 7.2.40.0 and above * ECS: All versions * Mul… https://t.co/yMdjHhaWis

    @CVEnew

    19 Mar 2025

    275 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the API input parametersCVE-2025-13447
  2. OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the API input parametersCVE-2025-13444
  3. Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue affects:  Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 (inclusive)    From 7.2.49.0 to 7.2.54.12 (inclusive)    7.2.48.12 and all prior versions ECS All prior versions to 7.2.60.1 (inclusive)CVE-2024-56135
  4. Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue affects:  Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 (inclusive)    From 7.2.49.0 to 7.2.54.12 (inclusive)    7.2.48.12 and all prior versions Multi-Tenant Hypervisor 7.1.35.12 and all prior versions ECS All prior versions to 7.2.60.1 (inclusive)CVE-2024-56134
  5. Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue affects:  Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 (inclusive)    From 7.2.49.0 to 7.2.54.12 (inclusive)    7.2.48.12 and all prior versions ECS All prior versions to 7.2.60.1 (inclusive)CVE-2024-56133

References

Sources include official advisories and independent security research.