#loadmaster
securityaffairs<p><a href="https://infosec.exchange/tags/Progress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Progress</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> fixed multiple high-severity <a href="https://infosec.exchange/tags/LoadMaster" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LoadMaster</span></a> flaws<br><a href="https://securityaffairs.com/174103/security/progress-software-loadmaster-software-flaws.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityaffairs.com/174103/sec</span><span class="invisible">urity/progress-software-loadmaster-software-flaws.html</span></a><br><a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>securityaffairs</span></a></p>
securityaffairs<p>U.S. <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a> adds <a href="https://infosec.exchange/tags/Progress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Progress</span></a> <a href="https://infosec.exchange/tags/Kemp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Kemp</span></a> <a href="https://infosec.exchange/tags/LoadMaster" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LoadMaster</span></a>, <a href="https://infosec.exchange/tags/Palo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Palo</span></a> <a href="https://infosec.exchange/tags/Alto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Alto</span></a> Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog<br><a href="https://securityaffairs.com/171168/security/u-s-cisa-progress-kemp-loadmaster-palo-alto-networks-pan-os-and-expedition-bugs-known-exploited-vulnerabilities-catalog.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityaffairs.com/171168/sec</span><span class="invisible">urity/u-s-cisa-progress-kemp-loadmaster-palo-alto-networks-pan-os-and-expedition-bugs-known-exploited-vulnerabilities-catalog.html</span></a><br><a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>securityaffairs</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a></p>
securityaffairs<p><a href="https://infosec.exchange/tags/Progress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Progress</span></a> Software fixed a maximum severity flaw in <a href="https://infosec.exchange/tags/LoadMaster" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LoadMaster</span></a><br><a href="https://securityaffairs.com/168192/uncategorized/progress-software-emergency-loadmaster-flaw.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityaffairs.com/168192/unc</span><span class="invisible">ategorized/progress-software-emergency-loadmaster-flaw.html</span></a><br><a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>securityaffairs</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a></p>
Not Simon<p><strong>Rhino</strong> Security Labs disclosed vulnerability details and proofs of concept for CVE-2024-2448 (8.4 high) authenticated command injection and CVE-2024-2449* (7.5 high) Cross-Site Request Forgery (CSRF) protection bypass in Progress Kemp Loadmaster. The CSRF could be combined with the command injection and leveraged to execute commands on LoadMaster load balancers by targeting a user of the administration web user interface (WUI). h/t <span class="h-card" translate="no"><a href="https://infosec.place/users/buherator" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>buherator</span></a></span> 🔗 <a href="https://rhinosecuritylabs.com/research/cve-2024-2448-kemp-loadmaster/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">rhinosecuritylabs.com/research</span><span class="invisible">/cve-2024-2448-kemp-loadmaster/</span></a></p><p><a href="https://infosec.exchange/tags/CVE_2024_2448" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2024_2448</span></a> <a href="https://infosec.exchange/tags/CVE_2024_2449" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2024_2449</span></a> <a href="https://infosec.exchange/tags/Progress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Progress</span></a> <a href="https://infosec.exchange/tags/Loadmaster" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Loadmaster</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/proofofconcept" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proofofconcept</span></a></p>
Not Simon<p><strong>SonicWall</strong> alleges that CVE-2024-1212 (CVSS: 10.0 critical, disclosed 08 February 2024 by Progress) is being exploited in the wild. "SonicWall sensors have confirmed active exploitation of these vulnerabilities." 🔗 <a href="https://blog.sonicwall.com/en-us/2024/03/progress-kemp-loadmaster-unauthenticated-command-injection-vulnerability/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.sonicwall.com/en-us/2024/</span><span class="invisible">03/progress-kemp-loadmaster-unauthenticated-command-injection-vulnerability/</span></a></p><p>cc: <span class="h-card" translate="no"><a href="https://infosec.place/users/buherator" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>buherator</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>campuscodi</span></a></span> </p><p>EDIT: SonicWall took down the blog post as of 1300 US Eastern 28 March 2024. 
</p><p><a href="https://infosec.exchange/tags/CVE_2024_1212" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2024_1212</span></a> <a href="https://infosec.exchange/tags/eitw" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eitw</span></a> <a href="https://infosec.exchange/tags/activeexploitation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>activeexploitation</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/Kemp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Kemp</span></a> <a href="https://infosec.exchange/tags/LoadMaster" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LoadMaster</span></a> <a href="https://infosec.exchange/tags/Progress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Progress</span></a></p>
Not Simon<p><strong>Rhino Security Labs</strong>, submitters of CVE-2024-1212 (CVSS: <strong>10.0 critical</strong>, disclosed 08 February 2024 by Progress) unauthenticated Command Injection<br>In Progress Kemp LoadMaster, released vulnerability details and a Proof of Concept. 🔗 <a href="https://rhinosecuritylabs.com/research/cve-2024-1212unauthenticated-command-injection-in-progress-kemp-loadmaster/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">rhinosecuritylabs.com/research</span><span class="invisible">/cve-2024-1212unauthenticated-command-injection-in-progress-kemp-loadmaster/</span></a> H/T <span class="h-card" translate="no"><a href="https://infosec.place/users/buherator" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>buherator</span></a></span> </p><p><a href="https://infosec.exchange/tags/CVE_2024_1212" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2024_1212</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/progress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>progress</span></a> <a href="https://infosec.exchange/tags/loadmaster" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>loadmaster</span></a> <a href="https://infosec.exchange/tags/proofofconcept" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proofofconcept</span></a> <a href="https://infosec.exchange/tags/POC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>POC</span></a></p>