CVE-2024-2389
CRITICAL EXPLOITED NUCLEI
Progress Kemp Flowmon - Command Injection
Title source: nuclei
Description
In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.
Exploits (3)
metasploit
WORKING POC
EXCELLENT
by Dave Yesland with Rhino Security Labs · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/progress_flowmon_unauth_cmd_injection.rb
metasploit
WORKING POC
EXCELLENT
by Dave Yesland with Rhino Security Labs · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
Nuclei Templates (1)
Progress Kemp Flowmon - Command Injection
CRITICAL VERIFIED by pdresearch, parthmalhotra
Shodan:
Server: Flowmon
Scores
CVSS v3
10.0
EPSS
0.9430
EPSS Percentile
99.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Details
VulnCheck KEV
2024-04-26
CWE
CWE-78
Status
published
Products (1)
progress/flowmon
< 11.1.14
Published
Apr 02, 2024
Tracked Since
Feb 18, 2026