CVE-2025-1758
Progress LoadMaster vulnerability analysis and mitigation

Overview

CVE-2025-1758 is a critical buffer overflow vulnerability discovered in Progress Software's Kemp LoadMaster, an application delivery controller (ADC) and load balancer. The vulnerability was identified in March 2025 and affects multiple versions of LoadMaster (7.2.40.0 and above), ECS (all versions), and Multi-Tenancy (7.1.35.4 and above). The flaw is specifically located in the mangle executable component of LoadMaster (NVD, SecurityOnline).

Technical details

The vulnerability is classified as a stack-based buffer overflow (CWE-121) that stems from improper input validation: the mangle executable does not validate the length of user-supplied data before copying it into a fixed-length stack-based buffer. The vulnerability has received a critical CVSS score of 9.8. It requires no authentication to exploit, which makes it particularly dangerous (SecurityOnline).

Impact

The vulnerability enables unauthenticated remote attackers to execute arbitrary code on affected systems. When exploited, the attacker's code runs in the context of the bal user, potentially allowing attackers to manipulate configurations, steal sensitive data, or disrupt system operations. Given LoadMaster's critical role in delivering SSL offloading, content switching, URL rewriting, and compression for enterprise applications, successful exploitation could significantly impact an organization's application delivery infrastructure (SecurityOnline).

Mitigation and workarounds

Progress Software has addressed this vulnerability by releasing LoadMaster version 7.2.61.1. Organizations are strongly advised to immediately update to this patched version to protect against potential exploitation (SecurityOnline).
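The version ranges above can be turned into an inventory check. The following is an added example, not code from Progress or from the original report; the host names, product labels and status strings are constructed for illustration. Any build the page does not name as fixed is reported as affected, so confirm those against the vendor advisory.

```python
# Added example: triage appliances against the version ranges stated on this page.
AFFECTED_FROM = {                      # first affected build per product (from the page)
    "loadmaster": (7, 2, 40, 0),
    "multi-tenancy": (7, 1, 35, 4),
    "ecs": None,                       # page lists all ECS versions as affected
}
FIXED_IN = {"loadmaster": (7, 2, 61, 1)}   # the only fixed build the page names

INVENTORY = [                          # constructed sample rows: host, product, version
    ("lb-edge-01", "LoadMaster", "7.2.59.0"),
    ("lb-edge-02", "LoadMaster", "7.2.61.1"),
    ("lb-old-01", "LoadMaster", "7.2.39.2"),
    ("lb-mt-01", "Multi-Tenancy", "7.1.35.6"),
    ("lb-ecs-01", "ECS", "7.2.60.0"),
    ("lb-lab-01", "LoadMaster", "7.2.x"),
]

def parse_version(text):
    """Turn '7.2.59.0' into (7, 2, 59, 0); raise ValueError on anything else."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p) for p in parts)

def triage(product, version):
    """Classify one appliance using only the ranges given on this page."""
    key = product.strip().lower()
    if key not in AFFECTED_FROM:
        return "unknown-product"
    try:
        v = parse_version(version)
    except ValueError:
        return "needs-manual-check"    # never guess from a malformed version string
    floor = AFFECTED_FROM[key]
    if floor is not None and v < floor:
        return "not-listed-as-affected"
    fixed = FIXED_IN.get(key)
    if fixed is None:
        return "affected-see-vendor-advisory"   # page names no fixed build here
    return "patched" if v >= fixed else "affected-upgrade"

def report(inventory):
    """Map each host to its triage status."""
    return {host: triage(product, version) for host, product, version in inventory}

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host:12} {status}")
```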

This report was generated using AI.