Skip to content
Join Censys on September 10, 2024 for our Threat Hunting Workshop in San Francisco, CA | Register Now
Advisory

July 25, 2024 Advisory: Progress Telerik Report Server RCE [CVE-2024-6327]

Share

July 25, 2024
Tags:
  • Date Disclosed: July 24th, 2024
  • CVE-ID and CVSS Score: CVE-2024-6327 (CVSS Score 9.9)
  • Issue Name and Description: Progress Telerik Report Server Insecure Deserialization Vulnerability Leads to RCE
  • Asset Description: Progress Telerik Report Server is a reporting platform designed to help organizations streamline their business intelligence (BI) initiatives.
  • Vulnerability Impact: Progress Telerik Report Server versions before 2024 Q2 (10.1.24.709) are vulnerable to a insecure deserialization vulnerability that would allow remote code execution.
  • Exploitation Details: This vulnerability is not currently being exploited and there is currently no known PoC available.
  • Patch Availability: Progress has released Report Server 2024 Q2 (10.1.24.709) and strongly recommends upgrading to remove this vulnerability.
  • Detection with Censys: The following queries can be leveraged to identify all Censys-visible public-facing Telerik Report Server instances. Please note that only the ASM Risk checks for the vulnerability while the other queries look for exposures.
    • Censys Search query: services.software: (vendor: “Progress” and product: “Telerik Report Server”)
    • Censys ASM query: host.services.software: (vendor: “Progress” and product: “Telerik Report Server”) or web_entity.instances.software: (vendor: “Progress” and product: “Telerik Report Server”)
    • Censys ASM Risk query: risks.name=”Vulnerable Progress Telerik Report Server [CVE-2024-6327]”
  • References:

 

Similar Content

View All Similar Content
Back to Resources Hub
Attack Surface Management Solutions
Learn more