Security News > 2024 > June > PoC for Progress Telerik RCE chain released (CVE-2024-4358, CVE-2024-1800)
Security researchers have published a proof-of-concept exploit that chains together two vulnerabilities to achieve unauthenticated remote code execution on Progress Telerik Report Servers.
Telerik Report Server is a centralized enterprise platform for report creation, management, storage and delivery/distribution.
CVE-2024-1800 is an insecure deserialization vulnerability that allows authenticated remote attackers to execute arbitrary code on vulnerable Telerik installations, i.e., versions prior to 2024 Q1. It was reported by an anonymous researcher and fixed earlier this year by Progress Software.
Both vulnerabilities have been reported to Progress Software through ZDI, and Progress fixed CVE-2024-4358 in May, by releasing Telerik Report Server 2024 Q2. With the help from ethical hacker Soroush Dalili, Kheirkhah devised a PoC exploit that triggers CVE-2024-4358 and then CVE-2024-1800.
Vulnerability in Progress' enterprise solutions have been targeted by attackers in the past.
Late last year, attackers began exploiting two critical vulnerabilities in WS FTP Server just a few days after PoC code for one of them was made public.
News URL
https://www.helpnetsecurity.com/2024/06/04/cve-2024-4358-cve-2024-1800-poc/
Related news
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) (source)
- Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) (source)
- RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406) (source)
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) (source)
- RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248) (source)
- PoC exploit for SysAid pre-auth RCE released, upgrade quickly! (source)
- Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-29 | CVE-2024-4358 | Authentication Bypass by Spoofing vulnerability in Telerik Report Server 2024 10.0.24.130/10.0.24.305 In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. | 9.8 |
| 2024-03-20 | CVE-2024-1800 | Deserialization of Untrusted Data vulnerability in Progress Telerik Report Server In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability. | 8.8 |