Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation Attempts

A Critical Flaw in Kemp LoadMaster Appliances is Being Actively Exploited, Putting Thousands of Organizations at Risk

A severe pre-authentication remote code execution (RCE) vulnerability in Kemp LoadMaster appliances has been discovered and is currently being exploited by attackers. The flaw, which affects versions 7.2.x and earlier, allows unauthenticated hackers to execute arbitrary code on the affected systems. According to reports, thousands of organizations worldwide are vulnerable to this critical issue.

Kemp Technologies’ LoadMaster is a popular load balancer used in various industries, including finance, healthcare, and government sectors. The device helps distribute network traffic across multiple servers, ensuring high availability and performance for web applications. However, the presence of the vulnerability in these appliances poses a significant threat to data security. Attackers can exploit the flaw using simple HTTP requests, making it an attractive target for hackers.

The vulnerability was identified through automated testing by researchers at Forescout, who used AI-driven models to scan for potential flaws. This highlights the growing importance of artificial intelligence (AI) in cybersecurity, as these tools are increasingly being used to discover and exploit vulnerabilities. However, in this case, the discovery also underscores the need for organizations to prioritize vulnerability scanning and patch management.

To understand how the flaw works, consider that Kemp LoadMaster appliances use a REST API to manage and configure the load balancer. The vulnerability lies in a specific endpoint within this API, which can be accessed without authentication. By sending a malicious request to this endpoint, an attacker can execute arbitrary code on the affected system, potentially leading to data breaches or complete system compromise.

The active exploitation of this vulnerability raises concerns about potential data theft and disruption of critical services. Organizations using Kemp LoadMaster appliances must take immediate action to mitigate the risk. This includes applying the latest security patches, conducting thorough vulnerability scans, and implementing additional security measures to prevent unauthorized access.

In light of this incident, it is essential for organizations to reevaluate their cybersecurity posture and prioritize proactive measures, such as regular patch management and AI-driven threat detection. By staying vigilant and taking a proactive approach to security, companies can minimize the risk of falling victim to such critical vulnerabilities.


Source: The Hacker News — 2026-07-01