Telerik Report Server is a web-based application designed for creating, managing, and delivering reports in various formats. It provides tools for report design, scheduling, and secure delivery, allowing organizations to centralize their reporting processes.
Progress Software addressed a critical remote code execution flaw, tracked as CVE-2024-6327 (CVSS score of 9.9), in the Telerik Report Server that can be exploited to compromise vulnerable devices.
“In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability,” reads the advisory published by the company. “Updating to Report Server or later is the only way to remove this vulnerability. The Progress Telerik team strongly recommends performing an upgrade to the latest version listed in the table below.”
The critical flaw is caused by a deserialization of untrusted data issue (insecure deserialization).
The flaw affects Report Server 2024 Q2 (10.1.24.514) and earlier; version 2024 Q2 (10.1.24.709) addresses the vulnerability.
As a temporary mitigation until the upgrade can be applied, change the user account under which the Report Server Application Pool runs to one with limited permissions, so that a successful deserialization attack executes with reduced privileges.
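An added example of applying that interim mitigation on an IIS host (not code from Progress or the article): it inspects the identity the application pool currently runs under and switches it to the built-in, low-privilege ApplicationPoolIdentity. The pool name is an assumption and must be replaced with the one used on the server.

```powershell
# Requires the IIS WebAdministration module; run in an elevated PowerShell session.
Import-Module WebAdministration

# Assumed pool name; adjust to the application pool serving Telerik Report Server.
$poolName = 'TelerikReportServer'
$poolPath = "IIS:\AppPools\$poolName"

if (-not (Test-Path $poolPath)) {
    throw "Application pool '$poolName' not found; check the name in IIS Manager."
}

# Record the current identity before changing anything (useful for audit and rollback).
$before = (Get-ItemProperty -Path $poolPath -Name processModel)
Write-Host "Current identityType: $($before.identityType) user: $($before.userName)"

# Flag the high-risk configurations explicitly: a pool running as LocalSystem
# gives a deserialization exploit full control of the host.
if ($before.identityType -eq 'LocalSystem') {
    Write-Warning "Pool runs as LocalSystem; RCE here would yield SYSTEM privileges."
}

# Move the pool to the built-in virtual account, which has no rights beyond
# the pool's own site content unless explicitly granted.
Set-ItemProperty -Path $poolPath -Name processModel.identityType -Value 'ApplicationPoolIdentity'
Restart-WebAppPool -Name $poolName

$after = (Get-ItemProperty -Path $poolPath -Name processModel)
Write-Host "New identityType: $($after.identityType)"
```

If the report server needs file or database access, grant it to the virtual account `IIS AppPool\<pool name>` rather than returning the pool to an administrative identity.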
Progress has not revealed if the vulnerability CVE-2024-6327 has been exploited in the wild.
In June, researchers published proof-of-concept (PoC) exploit code for another vulnerability, an authentication bypass tracked as (CVSS score: 8.8), in Progress Telerik Report Server.
An unauthenticated attacker can exploit the flaw to gain access to restricted Telerik Report Server functionality via the authentication bypass.
The researchers demonstrated how to create an admin account by exploiting the bypass flaw.
(SecurityAffairs – hacking, Telerik Report Server)