{"id":164114,"date":"2024-06-04T10:39:59","date_gmt":"2024-06-04T10:39:59","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=164114"},"modified":"2024-06-04T10:40:01","modified_gmt":"2024-06-04T10:40:01","slug":"progress-telerik-report-servers-poc","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/164114\/hacking\/progress-telerik-report-servers-poc.html","title":{"rendered":"Experts released PoC exploit code for a critical bug in Progress Telerik Report Servers"},"content":{"rendered":"
<\/div>\n

Researchers published a PoC exploit code for an authentication bypass vulnerability on Progress Telerik Report Servers.<\/h2>\n\n\n\n

Researchers published a proof-of-concept (PoC) exploit code for an authentication bypass vulnerability on Progress Telerik Report Servers. Telerik Report Server is an end-to-end report management solution developed by Progress\u00ae Telerik.<\/p>\n\n\n\n

Cybersecurity researcher Sina Kheirkha started his research from an advisory<\/a> published by Progress for a deserialization issue tracked as CVE-2024-4358<\/a>\u00a0(CVSS score: 9.8). The experts noticed that the exploitation required authentication, so shortly after the release of the patch, he managed to find an authentication bypass. With the help of\u00a0Soroush Dalili (@irsdl)<\/a>, the expert chained the deserialization issue with an auth bypass to achieve full unauthenticated RCE.<\/p>\n\n\n\n

The researchers chained the issue with the deserialization flaw CVE-2024-1800<\/a>\u00a0(CVSS score: 8.8) to execute arbitrary code on vulnerable servers.<\/p>\n\n\n\n

\n

\u26a0\ufe0fHere is the Exploit Chain targeting Telerik Report Server CVE-2024-4358\/CVE-2024-1800 that allows pre-authenticated Remote Code Execution \ud83e\ude78 by chaining a deserialization \ud83e\udeb2 and an interesting authentication bypass \ud83d\udd25\ud83d\udd25\ud83d\udd25https:\/\/t.co\/ZkPL8vggcH<\/a> pic.twitter.com\/Og7n4qRoXN<\/a><\/p>— SinSinology (@SinSinology) June 3, 2024<\/a><\/blockquote>