
A critical security flaw has been discovered in Progress Telerik Report Server, identified as CVE-2024-4358, with a CVSS score of 9.8/10. The vulnerability allows remote attackers to bypass authentication and create rogue admin users. Security experts have released proof-of-concept exploit code for the bug. The flaw is part of a pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800). Users are advised to update to version 2024 Q2 (10.1.24.514) to mitigate the risk.
Experts released PoC exploit code for a critical bug in Progress Telerik Report Servers https://t.co/LrgrV1iPOk
Telerik Report Server Flaw Could Let Attackers Create Rogue Admin Accounts: https://t.co/l9VdmP04RU by The Hacker News #infosec #cybersecurity #technology #news
⚠️ Critical security flaw discovered in Progress Telerik Report Server (CVE-2024-4358, CVSS 9.8/10). Remote attackers could bypass authentication and create rogue admin users. Learn more: https://t.co/2SzwAuE364 Update to version 2024 Q2 (10.1.24.514) ASAP.




