PoC for Progress Telerik RCE chain released (CVE-2024-4358, CVE-2024-1800)
Security researchers have published a proof-of-concept (PoC) exploit that chains together two vulnerabilities (CVE-2024-4358, CVE-2024-1800) to achieve unauthenticated remote code execution on Progress Telerik Report Servers. Telerik Report Server is a centralized enterprise platform for report creation, management, storage and delivery/distribution. As noted by Censys earlier this year, β€œan attacker with remote access and an ability to execute malicious code on such an asset may allow such an attacker to not only interfere with reporting … More β†’ The post PoC for Progress Telerik RCE chain released (CVE-2024-4358, CVE-2024-1800) appeared first on Help Net Security.
Jun 05, 2024