CRITICALVulnerability
Global

Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth

·Source: The Hacker News

Updated:

Executive Summary

A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance by sending a crafted request to its API. The flaw, tracked as CVE-2026-8037, carries a CVSS score of 9.8 according to ZDI. A patch is available. If you run LoadMaster with the API enabled, update now. Progress published its advisory on June

Analysis

A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance by sending a crafted request to its API. The flaw, tracked as CVE-2026-8037, carries a CVSS score of 9.8 according to ZDI. A patch is available. If you run LoadMaster with the API enabled, update now. Progress published its advisory on June

Indicators of Compromise (1)

CVE (1)
CVE-2026-8037
Source Attribution

Originally published by The Hacker News on Jun 30, 2026.

Related Threats