Remote Code Execution Vulnerability in Telerik Report Server
Key Information
- Vendor: Progress Software Corporation
- Telerik Report Server
- CVE Published: 24 July 2024
Summary
The CVE-2024-6327 vulnerability is a remote code execution flaw in Progress Software Corporation's Telerik Report Server solution. This vulnerability, as well as the related CVE-2024-6096, can allow attackers to remotely execute code on the underlying server. Progress Software has issued upgrades to its Telerik Reporting and Telerik Report Server solutions to address these vulnerabilities, and users are urged to upgrade as soon as possible to prevent exploitation. There is no known exploitation of the vulnerabilities in the wild, but the company's solutions have been targeted by attackers in the past, making prompt upgrades essential for security.
Affected Version(s)
Telerik Report Server <= 1.00
News Articles
Critical bug in Progress Telerik Report Server leads to RCE
Progress Software's latest security advisory warns customers about the second critical vulnerability targeting its Telerik Report Server in as many months. CVE-2024-6327 is an insecure deserialization...
4 months ago
Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327) - Help Net Security
Progress Software has fixed a critical RCE vulnerability (CVE-2024-6327) in its Telerik Report Server solution.
4 months ago
CVSS V3.1
Timeline
Vulnerability started trending.
Exploit exists.
First article discovered by BleepingComputer
Vulnerability published.
Vulnerability Reserved.