Aggregates CVE and security vulnerability intelligence across all kemptechnologies-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting and vendor risk csrf and related problems; some flaws may lead to vendor impact session compromise, affecting vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-7591 | Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This issue affects: * LoadMaster: 7.2.40.0 and above * ECS: All versions * Multi-Tenancy: 7.1.35.4 and above | [email protected] | 10.0 | 44.07% | 2024-09-05 | 2026-06-17 |
| CVE-2021-41823 | The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows certain uses of onmouseover to bypass an XSS protection mechanism. | [email protected] | 6.1 | 0.49% | 2023-01-01 | 2026-06-17 |
| CVE-2014-5288 | A CSRF Vulnerability exists in Kemp Load Master before 7.0-18a via unspecified vectors in administrative pages. | [email protected] | 8.8 | 1.57% | 2020-02-07 | 2026-06-16 |
| CVE-2014-5287 | A Bash script injection vulnerability exists in Kemp Load Master 7.1-16 and earlier due to a failure to sanitize input in the Web User Interface (WUI). | [email protected] | 8.8 | 8.14% | 2020-01-08 | 2026-06-16 |
| CVE-2018-9091 | A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2 and Long Term Support (LTS) LMOS before 7.1.35.5 related to Session Management could allow an unauthenticated, remote attacker to bypass security protections, gain system privileges, and execute elevated commands such as ls, ps, cat, etc., thereby compromising the system. Through this remote execution, in certain cases, exposure of sensitive system data such as certificates, private keys, and other in | [email protected] | 9.8 | 3.33% | 2018-05-25 | 2026-06-16 |
| CVE-2017-15524 | The Application Firewall Pack (AFP, aka Web Application Firewall) component on Kemp Load Balancer devices with software before 7.2.40.1 allows a Security Feature Bypass via an HTTP POST request. | [email protected] | 9.1 | 1.22% | 2017-12-18 | 2026-06-16 |