Security updates: Attackers can bypass login to Telerik Report Server

The business reporting tool Telerik Report Server is vulnerable. Among other things, the patches close a vulnerability that allows malicious code to be executed.


Admins of companies that use Telerik Report Server to create business reports, among other things, should update the report management solution for security reasons.

Otherwise, attackers can exploit several security vulnerabilities and, in the worst case, execute malicious code to compromise systems. Various versions are at risk. In the articles linked below this message, admins will find specific information on vulnerable and repaired versions of Telerik Report Server.


The most dangerous is a "critical" vulnerability (CVE-2024-4358), which attackers can exploit without authentication to access functions of Telerik Report Server that are supposed to be sealed off. The developers do not currently explain how such an attack could take place.

To protect systems, admins must install version 2024 Q2 (10.1.24.514). All earlier versions are reportedly vulnerable. If installation is not immediately possible, admins can temporarily protect servers using a URL rewrite workaround described in the advisory.

If attackers successfully exploit another "critical" vulnerability (CVE-2024-8015), malicious code can get onto systems. This can also happen via another vulnerability (CVE-2024-8014, "high").

In addition, unauthorized access to system files is still possible (CVE-2024-4357, "medium"). Unfortunately, the developers do not explain how admins can recognize systems that have already been attacked. There is no indication in the advisories that attacks are already underway.

Telerik software last made headlines in September of this year when the developers closed several vulnerabilities in Telerik UI for WPF.

(des)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.