• Menu
  • Skip to main content
  • Skip to primary sidebar

All Tech News

Latest Technology News

Progress Software Issues Patch for Vulnerability in LoadMaster and MT Hypervisor

You are here: Home / Cyber Security News / Progress Software Issues Patch for Vulnerability in LoadMaster and MT Hypervisor

Progress Software has released security updates for a maximum-severity flaw in LoadMaster and Multi-Tenant (MT) hypervisor that could result in the execution of arbitrary operating system commands.

Tracked as CVE-2024-7591 (CVSS score: 10.0), the vulnerability has been described as an improper input validation bug that results in OS command injection.

“It is possible for unauthenticated, remote attackers who have access to the management interface of LoadMaster to issue a carefully crafted http request that will allow arbitrary system commands to be executed,” the company said in an advisory last week.

“This vulnerability has been closed by sanitizing request user input to mitigate arbitrary system commands execution.”

The flaw affects the following versions –

  • LoadMaster (7.2.60.0 and all prior versions)
  • Multi-Tenant Hypervisor (7.1.35.11 and all prior versions)

Security researcher Florian Grunow has been credited with discovering and reporting the flaw. Progress said it has found no evidence of the vulnerability being exploited in the wild.

That said, it’s recommended that users apply the latest fixes as soon as possible by downloading an add-on package. The update can be installed by navigating to System Configuration > System Administration > Update Software.

“We are encouraging all customers to upgrade their LoadMaster implementations as soon as possible to harden their environment,” the company said. “We also strongly recommend that customers follow our security hardening guidelines.”

Found this article interesting? Follow us on Twitter ๏‚™ and LinkedIn to read more exclusive content we post.

Some parts of this article are sourced from:
thehackernews.com

Previous Post: « New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys
Next Post: Wing Security SaaS Pulse: Continuous Security & Actionable Insights โ€” For Free »

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Recent Posts

  • Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor
  • LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents
  • Silver Fox APT Targets Taiwan with Complex Gh0stCringe and HoldingHands RAT Malware
  • Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms
  • Are Forgotten AD Service Accounts Leaving You at Risk?

Copyright © 2025 ยท AllTech.News, All Rights Reserved.