CVE Catalog
CVE-2026-8037
CriticalCVSS 9.6Exploitation Probability (EPSS)
Very high risk8.19%
94th percentile — higher than 94% of all known CVEs
Summary
An unauthenticated attacker can execute arbitrary OS commands on the LoadMaster appliance by injecting commands into unsanitized input at multiple API endpoints.
Risk Assessment
An attacker can gain full control of the LoadMaster appliance, compromising the confidentiality, integrity, and availability of data and services.
Recommendation
Apply the vendor patch immediately and restrict API access to trusted networks only.
Original NVD description (English source)
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints

