Security News > 2024 > June > PoC for Progress Telerik RCE chain released (CVE-2024-4358, CVE-2024-1800)
Security researchers have published a proof-of-concept exploit that chains together two vulnerabilities to achieve unauthenticated remote code execution on Progress Telerik Report Servers.
Telerik Report Server is a centralized enterprise platform for report creation, management, storage and delivery/distribution.
CVE-2024-1800 is an insecure deserialization vulnerability that allows authenticated remote attackers to execute arbitrary code on vulnerable Telerik installations, i.e., versions prior to 2024 Q1. It was reported by an anonymous researcher and fixed earlier this year by Progress Software.
Both vulnerabilities have been reported to Progress Software through ZDI, and Progress fixed CVE-2024-4358 in May, by releasing Telerik Report Server 2024 Q2. With the help from ethical hacker Soroush Dalili, Kheirkhah devised a PoC exploit that triggers CVE-2024-4358 and then CVE-2024-1800.
Vulnerability in Progress' enterprise solutions have been targeted by attackers in the past.
Late last year, attackers began exploiting two critical vulnerabilities in WS FTP Server just a few days after PoC code for one of them was made public.
News URL
https://www.helpnetsecurity.com/2024/06/04/cve-2024-4358-cve-2024-1800-poc/
Related news
- Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856) (source)
- Critical Progress WhatsUp RCE flaw now under active exploitation (source)
- Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986) (source)
- APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) (source)
- Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) (source)
- Progress LoadMaster vulnerable to 10/10 severity RCE flaw (source)
- Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) (source)
- Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) (source)
- Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw (source)
- PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-29 | CVE-2024-4358 | Authentication Bypass by Spoofing vulnerability in Telerik Report Server 2024 In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. | 9.8 |
| 2024-03-20 | CVE-2024-1800 | In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability. | 0.0 |