PROGRESS Kemp LoadMaster contains a flaw that lets attackers execute root commands remotely without authentication, as reported by The Hacker News. The issue affects all recent versions of the load‑balancing appliance and could give an intruder full control of the device.
The vulnerability is tracked as CVE-2026-8037 and carries a CVSS score of 9.6, reflecting a remote code execution weakness in the LoadMaster API. A second flaw, CVE-2026-33691, scores 6.8 and enables a web application firewall bypass that could hide malicious traffic. Both issues are detailed in the vendor’s advisory at Progress Kemp advisory.
Separately, Check Point Security Gateway products are affected by CVE-2026-50751, which has a CVSS of 9.3 and is already being exploited in the wild, according to SecurityOnline. While the LoadMaster bugs are not yet seen in active attacks, the presence of a critical VPN flaw in the same advisory highlights the broader risk to perimeter defenses.
No specific threat actors have been linked to the LoadMaster vulnerabilities, but the high CVSS ratings mean that any exposed API could be leveraged for privilege escalation. Administrators should assume that internet‑facing management interfaces are prime targets until patches are applied.
Defenders should immediately apply the latest firmware release from Progress Kemp that addresses CVE-2026-8037 and CVE-2026-33691. Where immediate updating is not possible, restrict access to the LoadMaster API to trusted networks and disable any unused services. Monitoring authentication logs for unexpected privileged commands can help detect attempted abuse.
Staying subscribed to the vendor’s security mailing list and verifying the integrity of patches before deployment will reduce the chance of introducing new issues. Regularly reviewing asset inventories to ensure no legacy LoadMaster instances remain unpatched is also a prudent step.