Progress Kemp LoadMaster RCE (CVE-2024-1212) - Vulnerability Database

Description

Progress Kemp LoadMaster contains a critical OS command injection vulnerability (CVE-2024-1212). A remote attacker who can reach the LoadMaster management interface can execute arbitrary operating system commands on the appliance by sending a specially crafted HTTP request. No valid credentials are required, so a single unauthenticated request yields direct control of the underlying operating system and, through it, of the load balancer's configuration and the traffic it handles. The vulnerability has been observed exploited in the wild and is listed in CISA's Known Exploited Vulnerabilities catalog.

Remediation

Upgrade to a patched LoadMaster release immediately; the vendor advisory for CVE-2024-1212 names a fixed build for each supported release line, so the required version depends on which line you run. Suggested procedure:

1. Read the Progress Kemp security advisory for CVE-2024-1212 and identify the minimum patched version for your release line (LTS or GA).
2. Schedule a maintenance window and take a complete backup of the LoadMaster configuration so the appliance can be restored if the upgrade fails.
3. Download the matching firmware update from the Progress Kemp support portal.
4. Apply the update following the vendor's upgrade procedure for your deployment model (hardware, virtual, or cloud).
5. Confirm the running version is at or above the patched version and test load balancing functionality after the upgrade.

If patching cannot be done immediately, reduce exposure in the meantime: restrict access to the management interface with firewall rules so that only trusted administrative addresses can reach it (the management interface should never be reachable from the internet), and review system and access logs for HTTP requests to the management interface from unexpected sources, requests carrying shell metacharacters, or unexpected command execution on the appliance. Treat these as interim measures only; they do not remove the vulnerability.
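The interim mitigation above is easiest to operationalize as a log check. The following script is an added example written for this page, not code from Progress Kemp or Invicti. It scans management-interface access log lines for the two conditions the mitigation calls out: requests from outside a trusted network allow-list, and requests whose path or decoded Basic credentials contain shell metacharacters, which is a generic heuristic for command-injection attempts rather than a signature of the specific CVE-2024-1212 payload. The log format, the /admin/ paths, the trusted network and the sample lines are all constructed for the example; adapt the regex to your appliance's real log format.

```python
import base64
import binascii
import re
from ipaddress import ip_address, ip_network

# Networks allowed to reach the management interface (assumption: site-specific).
TRUSTED_NETS = [ip_network("10.0.5.0/24")]

# Characters that have no business in a username, password or management URL.
# '&' is deliberately omitted so ordinary query strings do not trigger it.
SHELL_META = re.compile(r"[;`|$'\"\\]")

# Constructed log format (hypothetical, not LoadMaster's real format):
#   <client_ip> "<METHOD> <path> HTTP/1.x" <status> "<Authorization header or ->"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) "(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" '
    r'(?P<status>\d{3}) "(?P<auth>[^"]*)"$'
)


def _basic(userpass):
    """Build a Basic Authorization header value (used only to construct samples)."""
    return "Basic " + base64.b64encode(userpass.encode()).decode()


# Constructed sample lines: a normal admin request, an untrusted probe, metacharacters
# smuggled in Basic credentials, and an untrusted source with metacharacters in the path.
SAMPLE_LOG = "\n".join([
    f'10.0.5.20 "GET /admin/ HTTP/1.1" 200 "{_basic("admin:secret")}"',
    f'203.0.113.9 "GET /admin/ HTTP/1.1" 401 "-"',
    f'10.0.5.20 "GET /admin/set?param=x&value=1 HTTP/1.1" 200 "{_basic("admin;id;:x")}"',
    f'198.51.100.7 "GET /admin/set?param=$(id) HTTP/1.1" 403 "{_basic("bad:pw")}"',
])


def decode_basic(auth):
    """Return the decoded 'user:pass' of a Basic Authorization value, or None."""
    if not auth.startswith("Basic "):
        return None
    try:
        return base64.b64decode(auth[6:], validate=True).decode("utf-8", "replace")
    except (binascii.Error, ValueError):
        return None  # malformed base64: no credentials to inspect


def analyze_line(line):
    """Return a list of findings for one log line (empty list means nothing suspicious)."""
    m = LINE_RE.match(line.strip())
    if not m:
        return ["unparsable line"]
    findings = []
    ip = ip_address(m["ip"])
    if not any(ip in net for net in TRUSTED_NETS):
        findings.append(f"management request from untrusted source {ip}")
    if SHELL_META.search(m["path"]):
        findings.append("shell metacharacters in request path")
    creds = decode_basic(m["auth"])
    if creds is not None and SHELL_META.search(creds):
        findings.append("shell metacharacters in Basic credentials")
    return findings


def scan(log_text):
    """Map 1-based line numbers of suspicious lines to their findings."""
    results = {}
    for n, line in enumerate(log_text.splitlines(), 1):
        if not line.strip():
            continue
        findings = analyze_line(line)
        if findings:
            results[n] = findings
    return results


if __name__ == "__main__":
    for n, findings in scan(SAMPLE_LOG).items():
        print(f"line {n}: " + "; ".join(findings))
```

The untrusted-source check is the one that matters most: if the firewall restriction is in place, any hit on it means the restriction is not working. The metacharacter checks are noisy by design and are meant to prioritise lines for a human to read, not to block traffic.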

Related Vulnerabilities