Ghostwire
Home / Vulnerabilities / CVE-2026-4048

CVE-2026-4048: OS Command Injection Remote Code Execution Vulnerability in UI in Progress ADC Products allows an authenticated attacker...

HIGH CVSS 7.5 Exploit Available 1 PoC

Published: April 20, 2026 | Last Modified: April 20, 2026

Description

OS Command Injection Remote Code Execution Vulnerability in UI in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in a custom WAF rule file during the file upload process.

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Proof-of-Concept Exploits (1)

Security Coverage (15 articles)

Tenable CVEs
CVE-2026-40488
 CVE Feed
CVE-2026-40488 - OpenMage LTS has Customer File Upload Extension Blocklist Bypass that Leads to Remote Code Execution
 CVE Feed
CVE-2026-4048 - OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF
 Tenable CVEs
CVE-2026-4048
 CVE Feed
CVE-2026-40487 - Postiz Has Unrestricted File Upload via MIME Type Spoofing that Leads to Stored XSS
 CVE Feed
CVE-2026-40489 - editorconfig-core-c has incomplete fix for CVE-2023-0341
 Tenable CVEs
CVE-2026-40487
 Tenable CVEs
CVE-2026-40489
 CVE Feed
CVE-2026-40485 - ChurchCRM: Username Enumeration via Differential Response in Public Login API
 CVE Feed
CVE-2026-40482 - ChurchCRM has Authenticated SQL Injection in `/api/families/byCheckNumber/{scanString}`
 CVE Feed
CVE-2026-40484 - ChurchCRM: Authenticated Remote Code Execution via Unrestricted PHP File Write in Database Restore Function
 Tenable CVEs
CVE-2026-40484
 Tenable CVEs
CVE-2026-40483
 Tenable CVEs
CVE-2026-40482
 Tenable CVEs
CVE-2026-40485

References