Technology NewsTechnology NewsTechnology News
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Reading: Progress Telerik Server Vulnerabilities Threaten Security
Share
Font ResizerAa
Technology NewsTechnology News
Font ResizerAa
Search
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Follow US
  • Cookie Policy (EU)
  • Contact
  • About
© 2025 NEWSLINKER - Powered by LK SOFTWARE
Cybersecurity

Progress Telerik Server Vulnerabilities Threaten Security

Highlights

  • Two critical vulnerabilities found in Progress Telerik Report Server.

  • Authentication Bypass and Insecure Deserialization threaten system security.

  • Users urged to update software to prevent unauthorized access.

Samantha Reed
Last updated: 5 June, 2024 - 11:16 am 11:16 am
Samantha Reed 12 months ago
Share
SHARE

Recent revelations have uncovered critical security vulnerabilities in Progress Telerik Report Server, posing severe risks to system integrity. The vulnerabilities, identified as Authentication Bypass and Insecure Deserialization, signal significant flaws that could allow unauthorized access and potential remote code execution. This discovery highlights the urgency for robust cybersecurity measures to protect sensitive data and maintain system security.

Progress Telerik Report Server is a comprehensive business reporting solution that facilitates the creation, storage, and management of reports. Originally launched by Progress Software, it enables developers to design, preview, and publish reports seamlessly. This server solution supports various data sources, providing versatile reporting tools for businesses since its launch. The latest version aimed at enhancing performance and security has now come under scrutiny due to the newly discovered vulnerabilities.

The revelations about these vulnerabilities bring to light significant security concerns. Previously, similar issues were identified, but the severity of the current ones, rated at 9.8 (Critical) and 9.9 (Critical), underscores the evolving nature of cyber threats. A unique aspect of the current threats is the possibility of combining both vulnerabilities to create a system administrator account, potentially giving attackers full control over affected systems. Moreover, the lack of effective checks to prevent unauthorized access amplifies the risk.

Earlier security lapses had already pointed out flaws in authentication mechanisms, but the recent findings present broader implications. Comparatively, past incidents predominantly focused on singular vulnerabilities, whereas the current scenario involves a combination that could lead to more extensive exploitation. The response to these vulnerabilities must, therefore, be more comprehensive and prompt to mitigate potential impacts.

Technical Insights

The vulnerabilities are rooted in the “Register” method, which allows unauthenticated access to create accounts with system administrator privileges. This mirrors issues found in other software, like ConnectWise ScreenConnect. Additionally, the Insecure Deserialization vulnerability, involving the ReportXmlSerializer() function, can lead to remote code execution, given the right conditions. Researchers have not only identified these vulnerabilities but also proposed proof of concept code, making it crucial for system administrators to update their software to prevent attacks.

The key technical flaws include:

  • Unauthenticated access to the “Register” method enabling system administrator account creation.
  • Insecure deserialization in ReportXmlSerializer() leading to potential remote code execution.
  • Combination of vulnerabilities to escalate privileges and control systems.

Addressing these vulnerabilities is critical to maintaining the integrity and security of systems using Progress Telerik Report Server. Users are advised to upgrade to the latest software versions to mitigate risks. The discovery of these vulnerabilities underscores the need for continuous vigilance and updates in cybersecurity practices. Keeping software up-to-date and implementing robust security protocols can significantly reduce the likelihood of exploitation. The evolving nature of cyber threats requires a proactive approach to safeguard sensitive data and system functionality.

You can follow us on Youtube, Telegram, Facebook, Linkedin, Twitter ( X ), Mastodon and Bluesky

You Might Also Like

Law Enforcement Shuts Down AVCheck to Block Cybercriminal Tool Access

FBI Arrests DIA Insider for Alleged Classified Info Leak

Senators Demand DHS Restore Cyber Safety Review Board After Hack

Treasury Department Stops Crypto Scam Network With Sanctions

Attackers Target Ivanti EPMM Flaws, Breaching Major Sectors

Share This Article
Facebook Twitter Copy Link Print
Samantha Reed
By Samantha Reed
Samantha Reed is a 40-year-old, New York-based technology and popular science editor with a degree in journalism. After beginning her career at various media outlets, her passion and area of expertise led her to a significant position at Newslinker. Specializing in tracking the latest developments in the world of technology and science, Samantha excels at presenting complex subjects in a clear and understandable manner to her readers. Through her work at Newslinker, she enlightens a knowledge-thirsty audience, highlighting the role of technology and science in our lives.
Previous Article Control Barrier Functions for Nonlinear Systems and Mobile Robots
Next Article Fibocom Showcases AIoT Innovations at COMPUTEX 2024

Stay Connected

6.2kLike
8kFollow
2.3kSubscribe
1.7kFollow

Latest News

Wordle Players Guess “ROUGH” as June Begins With Fresh Puzzle
Gaming
SpaceX and Axiom Launch New Missions as Japan Retires H-2A Rocket
Technology
AI-Powered Racecars Drive Competition at Laguna Seca Event
Robotics
Tesla Faces Removal of 64 Superchargers on New Jersey Turnpike
Electric Vehicle
SSi Mantra Robotic System Surpasses 4,000 Surgeries Globally
Robotics
NEWSLINKER – your premier source for the latest updates in ai, robotics, electric vehicle, gaming, and technology. We are dedicated to bringing you the most accurate, timely, and engaging content from across these dynamic industries. Join us on our journey of discovery and stay informed in this ever-evolving digital age.

ARTIFICAL INTELLIGENCE

  • Can Artificial Intelligence Achieve Consciousness?
  • What is Artificial Intelligence (AI)?
  • How does Artificial Intelligence Work?
  • Will AI Take Over the World?
  • What Is OpenAI?
  • What is Artifical General Intelligence?

ELECTRIC VEHICLE

  • What is Electric Vehicle in Simple Words?
  • How do Electric Cars Work?
  • What is the Advantage and Disadvantage of Electric Cars?
  • Is Electric Car the Future?

RESEARCH

  • Robotics Market Research & Report
  • Everything you need to know about IoT
  • What Is Wearable Technology?
  • What is FANUC Robotics?
  • What is Anthropic AI?
Technology NewsTechnology News
Follow US
About Us   -  Cookie Policy   -   Contact

© 2025 NEWSLINKER. Powered by LK SOFTWARE
Welcome Back!

Sign in to your account

Register Lost your password?