- Description
- OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints
- Source
- security@progress.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.6
- Impact score
- 6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- security@progress.com
- CWE-77
- Hype score
- Not currently trending
Legacy exposure keeps paying off for attackers. Progress Kemp LoadMaster CVE-2026-8037 exploitation moves… Attackers are targeting CVE-2026-8037, a critical pre-auth command injection flaw in Progre… 🔗 Read → https://t.co/FpD8k42ZQl
@fynn_JourX
2 Jul 2026
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerabilidad en productos Progress ❗ CVE-2026-8037 ❗ CVE-2026-33691 ➡️ Más info: https://t.co/SPwHWmm3cm https://t.co/JlAMWbyS2X
@CERTpy
19 Jun 2026
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【Progress Kemp LoadMasterに未認証RCE脆弱性】 Progress Kemp LoadMasterに、CVE-2026-8037とCVE-2026-33691の2件の脆弱性が公表されました。CVE-2026-8037はAPIの入力検証不備に起因するOSコマンドインジェクションで、認証なしに任
@01ra66it
7 Jun 2026
327 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Progress issued a LoadMaster security bulletin on two flaws CVE-2026-8037 and CVE-2026-33691 disclosed in June 2026, according to Canada's Cyber Centre. https://t.co/NOPtr7ylqT
@threatcluster
6 Jun 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes