admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 03:02:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-4358.md

22 lines
950 B
Markdown
Raw Normal View History

Update CVE sources 2024-06-07 04:52
2024-06-07 04:52:01 +00:00
### [CVE-2024-4358](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4358)
![](https://img.shields.io/static/v1?label=Product&message=Telerik%20Report%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%2010.1.24.514%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-290%20Authentication%20Bypass%20by%20Spoofing&color=brighgreen)
### Description
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/GhostTroops/TOP
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/securitycipher/daily-bugbounty-writeups
- https://github.com/sinsinology/CVE-2024-4358
- https://github.com/tanjiti/sec_profile
Reference in New Issue Copy Permalink