Lucene search

K
githubexploit90FD6F91-25DB-532A-A56C-9451EBDD904C
HistoryJun 03, 2024 - 8:22 a.m.

Exploit for Authentication Bypass by Spoofing in Telerik Report Server 2024

2024-06-0308:22:10
78
telerik report server
deserialization
authentication bypass
exploit chain
cve-2024-4358
cve-2024-1800
mitigation
update
progress advisory
academic research
defensive techniques
responsible use

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.938 High

EPSS

Percentile

99.2%

CVE-2024-4358 / CVE-2024-1800

Telerik Report Server deserializ…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.938 High

EPSS

Percentile

99.2%