Progress Software Kemp LoadMaster addapikey Command Injection Remote Code Execution Vulnerability
Progress Software's Kemp LoadMaster contains a command injection vulnerability in addapikey (CVE-2025-13447) that allows authenticated, network-adjacent attackers to run arbitrary code on affected systems. It is rated medium severity with a CVSS score of 6.4. An attacker who obtains valid credentials can exploit this flaw to achieve arbitrary code execution on the load balancer, potentially compromising network traffic and infrastructure. Security teams should prioritize patching Kemp LoadMaster installations, enforce strong authentication controls, and limit network access to the management interface to trusted sources only.