Telerik Report Server Security Vulnerabilities and Issues — Telerik Report Server CVE List

cve

CVE-2024-4358

In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass...

9.8CVSS

9.7AI Score

0.938EPSS

2024-05-29 03:16 PM

87

In Wild

cve

CVE-2024-4837

In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via a trust boundary violation...

5.3CVSS

7AI Score

0.0004EPSS

2024-05-15 05:15 PM

5

cve

CVE-2024-4357

An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, allows low-privilege attacker to read systems file via XML External Entity...

6.5CVSS

6.1AI Score

0.001EPSS

2024-05-15 05:15 PM

3

cve

CVE-2024-1800

In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization...

9.9CVSS

9.7AI Score

0.0005EPSS

2024-03-20 01:15 PM

39

In Wild