Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-56135

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue affects:  Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 (inclusive)   From 7.2.49.0 to 7.2.54.12 (inclusive)   7.2.48.12 and all prior versions ECS All prior versions to 7.2.60.1 (inclusive)

Published

2025-02-05T18:15:29.210

Last Modified

2025-07-31T13:47:09.340

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.4 (HIGH)

Weaknesses

Type: Primary
CWE-20
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	progress	multi-tenant_loadmaster	< 7.1.35.13	Yes
Operating System	progress	loadmaster	≤ 7.2.48.12	Yes
Operating System	progress	loadmaster	< 7.2.54.13	Yes
Operating System	progress	loadmaster	< 7.2.61.0	Yes

References

https://community.progress.com/s/article/LoadMaster-Security-Vulnerability-CVE-2024-56131-CVE-2024-56132-CVE-2024-56133-CVE-2024-56134-CVE-2024-56135 Vendor Advisory ([email protected])