
CVE-2026-8037: Progress Kemp LoadMaster — Pre-Auth RCE Risk Surges (July 2026)
CVE-2026-8037 — Progress Kemp LoadMaster
CVE-2026-8037 is a critical severity vulnerability in Progress Kemp LoadMaster appliances, allowing unauthenticated remote code execution due to improper input validation in the LoadMaster API. The flaw is under active exploitation as of June 29, 2026, and a proof-of-concept exploit is publicly available, significantly raising the risk of widespread attacks.
Attack Vector
Attackers exploit CVE-2026-8037 by sending crafted requests to the LoadMaster API, triggering OS command injection before authentication. No credentials are required. Malicious activity has been traced to IPs 192.42.116.58, 192.42.116.105, and 146.70.139.154. Although exploitation attempts have been observed, there is no evidence of successful post-compromise activity yet. Attackers can potentially gain full system control if the exploit succeeds.
Who Is at Risk
All organizations running Progress Kemp LoadMaster appliances with unpatched firmware are at risk. The vulnerability impacts deployments across North America, with Progress-confirmed exposure. Any internet-facing LoadMaster instance is a high-value target for attackers leveraging this pre-auth RCE.
Patch & Mitigate
- Patch: Apply the latest security update from Progress for Kemp LoadMaster immediately. Check the vendor advisory for exact version details and release notes.
- Workaround: No official workaround is available; restrict API access to trusted networks as a temporary measure.
- Detect: Monitor logs for suspicious API requests from the IOCs: 192.42.116.58, 192.42.116.105, 146.70.139.154. Look for unusual command execution patterns and failed authentication attempts.
MITRE ATT&CK
- TA0001 — Initial Access: Attackers exploit a pre-auth flaw to gain entry without credentials.
- TA0002 — Execution: Remote code execution is achieved via OS command injection in the API.
- TA0005 — Defense Evasion: Attackers may attempt to obfuscate payloads or delete logs post-exploitation.
Source: https://thehackernews.com/2026/07/latest-progress-kemp-loadmaster-pre.html
Start Your 14-Day Free Trial
Get curated cyber intelligence delivered to your inbox every morning at 6 AM. No credit card required.
Get Started Free

