Progress Software fixed critical RCE CVE-2024-6327 in the Telerik Report Server

Security Affairs, July 25, 2024 (https://securityaffairs.com/166168/security/telerik-report-server-cve-2024-6327.html)

Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report Server.

Telerik Report Server is a web-based application designed for creating, managing, and delivering reports in various formats. It provides tools for report design, scheduling, and secure delivery, allowing organizations to centralize their reporting processes.

Progress Software addressed a critical remote code execution flaw, tracked as CVE-2024-6327 (CVSS score of 9.9), in the Telerik Report Server that can be exploited to compromise vulnerable devices.

“In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability,” reads the report published by the company. “Updating to Report Server 2024 Q2 (10.1.24.709) or later is the only way to remove this vulnerability. The Progress Telerik team strongly recommends performing an upgrade to the latest version listed in the table below.”

The critical flaw stems from the deserialization of untrusted data.

The flaw impacts Report Server 2024 Q2 (10.1.24.514) and earlier; version 2024 Q2 (10.1.24.709) addresses the vulnerability.

To mitigate this issue temporarily, change the user for the Report Server Application Pool to one with limited permissions. This limits what an attacker can do after exploitation but does not remove the vulnerability; per the vendor, upgrading is the only way to fix it.

Progress has not revealed if the vulnerability CVE-2024-6327 has been exploited in the wild.

In June, researchers published proof-of-concept (PoC) exploit code for another authentication bypass vulnerability, tracked as CVE-2024-1800 (CVSS score: 8.8), in Progress Telerik Report Server.

An unauthenticated attacker can exploit the flaw to gain access to restricted Telerik Report Server functionality via an authentication bypass vulnerability.

The researchers demonstrated how to create an admin account by exploiting the bypass flaw CVE-2024-4358.

Pierluigi Paganini