CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Vulnerabilities

Progress Patches Critical Vulnerability in Telerik Report Server

A critical vulnerability in the Progress Telerik Report Server could allow unauthenticated attackers to access restricted functionality. The post Progress Patches Critical Vulnerability in Telerik Report Server appeared first on SecurityWeek.

A critical-severity vulnerability in Progress Software’s Telerik Report Server could allow remote attackers to bypass authentication and create an administrator user, vulnerability researcher Sina Kheirkhah explains.

Tracked as CVE-2024-4358 (CVSS score of 9.8), the bug exists because the endpoint responsible for setting up the server allows unauthenticated connections even after the setup process has been completed.

“The specific flaw exists within the implementation of the Register method. The issue results from the lack of validating the current installation step. An attacker can leverage this vulnerability to bypass authentication on the system,” a Zero Day Initiative (ZDI) advisory reads.

According to Kheirkhah, because the method is accessible without authentication, an attacker can supply specific parameters to create a user account that is assigned the ‘System Administrator’ role.

“This allows a remote unauthenticated attacker to create an administrator user and login,” Kheirkhah underlines.

Once the authentication has been bypassed, the attacker can exploit a recently addressed insecure deserialization issue in the Telerik Report Server to achieve remote code execution (RCE), the researcher explains.

Remotely exploitable, the deserialization flaw, tracked as CVE-2024-1800, was addressed in Report Server version 2024 Q1 (10.0.24.130).

“The specific flaw exists within the ObjectReader class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of System,” a ZDI advisory reads.

As Kheirkhah points out, Progress Software incorrectly assessed the bug with a CVSS score of 9.9. Because successful exploitation requires authentication, CVE-2024-1800 has a CVSS score of 8.8, as ZDI’s advisory notes.

The critical authentication bypass vulnerability (CVE-2024-4358) was resolved in Telerik Report Server version 2024 Q2 (10.1.24.514). Progress Software says it has not received reports of this flaw being exploited in attacks.

Users are advised to update their instances as soon as possible, as Kheirkhah has published a comprehensive technical writeup of the bug, as well as proof-of-concept (PoC) code targeting it.

*Updated with the correct patched version

Related: Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems

Related: ‘BatBadBut’ Command Injection Vulnerability Affects Multiple Programming Languages

Related: Toward Better Patching — A New Approach with a Dose of AI

Latest News

CYBERNEWSMEDIAPublisher