Login Sign Up

CVE-2018-9091

9.8 CRITICAL
Remote Code Execution Authentication Bypass

📋 TL;DR

This critical vulnerability in KEMP LoadMaster LMOS allows unauthenticated remote attackers to bypass session management and execute elevated system commands. Attackers can gain system privileges, access sensitive data like certificates and private keys, and fully compromise affected systems. Organizations running vulnerable versions of KEMP LoadMaster are at risk.

💻 Affected Systems

Products:
  • KEMP LoadMaster Operating System (LMOS)
Versions: LMOS 6.0.44 through 7.2.41.2 and LTS LMOS before 7.1.35.5
Operating Systems: KEMP LoadMaster proprietary OS
Default Config Vulnerable: ⚠️ Yes
Notes: All configurations running affected versions are vulnerable; no special configuration required for exploitation.

📦 What is this software?

Loadmaster Operating System by Kemptechnologies

View all CVEs affecting Loadmaster Operating System →

Loadmaster Operating System by Kemptechnologies

View all CVEs affecting Loadmaster Operating System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with administrative access, exposure of all sensitive data including SSL certificates and private keys, and potential lateral movement to other systems.

🟠

Likely Case

Remote code execution leading to data theft, service disruption, and installation of persistent backdoors or malware.

🟢

If Mitigated

Limited impact if proper network segmentation and access controls prevent external exploitation, though internal threats remain.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Vulnerability allows unauthenticated remote execution with low complexity, making weaponization highly probable.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: LMOS 7.2.42 and LTS LMOS 7.1.35.5 or later

Vendor Advisory: https://support.kemptechnologies.com/hc/en-us/articles/360001982452-Mitigation-for-Remote-Access-Execution-Vulnerability

Restart Required: Yes

Instructions:

1. Log into LoadMaster web interface. 2. Navigate to System Administration > System Upgrade. 3. Upload and apply the patched firmware version. 4. Reboot the LoadMaster to complete the update.

🔧 Temporary Workarounds

Network Access Restriction

all

Restrict network access to LoadMaster management interfaces to trusted IP addresses only.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate LoadMaster from untrusted networks
  • Deploy network-based intrusion prevention systems (IPS) to detect and block exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check LoadMaster version via web interface: System Configuration > System Administration > System Information

Check Version:

Not applicable - use web interface as LoadMaster uses proprietary OS

Verify Fix Applied:

Verify version is 7.2.42 or later for standard LMOS, or 7.1.35.5 or later for LTS LMOS

📡 Detection & Monitoring

Log Indicators:

  • Unauthenticated access attempts to management interfaces
  • Unusual command execution patterns in system logs

Network Indicators:

  • Unexpected traffic to LoadMaster management ports (443, 8443)
  • Anomalous outbound connections from LoadMaster

SIEM Query:

source="loadmaster" AND (event_type="authentication_failure" OR command="ls" OR command="cat" OR command="ps")

📊 Metadata

CVE ID: CVE-2018-9091
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Published: May 25, 2018
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON