by vicarius
log in join community
by @secatgourity
06 Aug 2024
#existing_exploit_analysis

Analyze a CVE exploitation

publish

Analyzing Telerik Report Server Authentication Bypass Exploit (CVE-2024-4358)

by @secatgourity
by @secatgourity
06 Aug 2024
#existing_exploit_analysis

Analyze a CVE exploitation

publish

Analyzing Telerik Report Server Authentication Bypass Exploit (CVE-2024-4358)

CVEs

CVE-2024-4358
9.8 Critical Severity

Screenshots from the blog posts

images/clzhim70afh2y1in9813c930r.jpgimages/clzhim70afh2y1in9813c930r.jpg

Summary

In this post, we will analyze the Progress Telerik Report Server Authentication Bypass to RCE exploit (CVE-2024-4358) and understand how it works to pwn the vulnerable targets for fun and profit!

Script link

CVE-2024-4358/CVE-2024-4358.py at main · sinsinology/CVE-2024-4358

Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800) - sinsinology/CVE-2024-4358

image

Description

Tags

#RCE#exposed_to_RCE_attack#authentication-bypass#telerik

@secatgourity

190 posts

Total vcoins

0

Social media links

Comments (0)