Progress Kemp LoadMaster Pre-Auth RCE Flaw Under Active Exploitation
CVE-2026-8037, a critical OS command injection vulnerability in the Progress Kemp LoadMaster API, has seen active exploitation attempts since June 29, 2026.
Attack Brief
Target: Progress Kemp LoadMaster
Vector: OS command injection via unsanitized input in /accessv2 API endpoint; improper null-termination in escape_quotes() function leading to out-of-bounds heap read and command injection
Attribution: unattributed
Technical Details
CVE IDs: CVE-2026-8037
MITRE ATT&CK: T1190, T1059
IoCs: 192.42.116.58, 192.42.116.105, 146.70.139.154
Affected: Progress Kemp LoadMaster (specific versions not enumerated in advisory)
Impact
Confirmed Damage: Exploitation attempts observed ended in failure with no post-compromise activity detected; however, availability of PoC and technical details expected to increase malicious activity
Context
Similar Attacks: CVE-2024-1212 (CVSS 10.0), another critical OS command injection vulnerability in Progress Kemp LoadMaster, previously witnessed active exploitation