THREATOPS
THREAT OPSThreat News › [NVD] CVE-2026-8037 (CRITICAL 9.6) — OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints

[NVD] CVE-2026-8037 (CRITICAL 9.6) — OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints

lownvdPublished 2026-06-04

CVE-2026-8037 CVSS: 9.6 CRITICAL Published: 2026-06-04T14:16:45.177

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints

Indicators of compromise

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-8037