Progress Software has taken urgent action to address a critical vulnerability that could potentially lead to remote attacks by releasing a patch to fix the flaw. The security update, which was released on Thursday, aims to mitigate the risk posed by a vulnerability known as CVE-2024-7591, affecting all versions of LoadMaster and LoadMaster Multi-Tenant Hypervisor.
LoadMaster is a crucial component in Progress Software’s arsenal, serving as an application delivery controller that enhances application performance, scalability, and security through load balancing, SSL offloading, and WAF. On the other hand, LoadMaster Multi-Tenant Hypervisor is specifically designed for multi-tenant environments, offering high throughput, network port density, and secure, isolated environments for multiple clients.
The critical vulnerability, categorized as a remote code execution flaw and assigned a maximum severity score of 10.0 on the CVSS scale, could potentially enable unauthenticated remote attackers to execute arbitrary system commands by sending specially crafted HTTP requests. This vulnerability poses a significant risk to organizations using LoadMaster and LoadMaster Multi-Tenant Hypervisor, as it could result in unauthorized access, system compromise, data theft, service disruption, or potentially serve as a launch pad for further network attacks.
Progress Software’s decisive action in releasing this urgent patch comes in the wake of a previous incident involving a zero-day vulnerability in the company’s MOVEit file transfer software, which led to a mass hacking incident affecting thousands of organizations. While there have been no reported cases of the new vulnerability being actively exploited, Progress Software is urging all LoadMaster customers to install the patch immediately to mitigate any potential risks.
The patch provided by Progress Software addresses the vulnerability by sanitizing user input in HTTP requests to prevent arbitrary command execution. Even customers whose product support has expired can download and install the patch from the company’s support portal, emphasizing the importance of securing systems against potential threats.
In conclusion, the swift response from Progress Software in releasing this critical patch underscores the importance of proactive risk management and timely mitigation of vulnerabilities to protect organizations from potential cyber threats. As cyberattacks continue to evolve in sophistication and scope, it is imperative for companies to remain vigilant and prioritize cybersecurity measures to safeguard their systems and data from malicious actors.
English 
Albanian 
Serbian 
Croatian 