Not again, not again! Telerik was a favorite amongst baddies with prior deserialization and other issues.
CVE-2024-6327, CVSS 9.9: In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability.docs.telerik.com/report-server/knowledge-base/deserialization-vulnerability-cve-2024-6327
#ThreatIntel #Vulnerability #CVE_2024_6327
Taggart :donor: /
npub1ft…k87qx
2024-07-25 16:11:50
Author Public Key
npub1ftansv8hchdst4vngsu808mrc0k3gqd2qw3wkrxrekn5xce6afss2k87qxPublished at
2024-07-25 16:11:50Event JSON
{
"id": "d84f6a2440a2a26a68f134723dd1b8334f5b41e5a31bb29239f90272bdfaa747",
"pubkey": "4afb3830f7c5db05d5934438779f63c3ed1401aa03a2eb0cc3cda743633aea61",
"created_at": 1721923910,
"kind": 1,
"tags": [
[
"t",
"threatintel"
],
[
"t",
"vulnerability"
],
[
"t",
"cve_2024_6327"
],
[
"proxy",
"https://infosec.town/notes/9w51clpfkbexg7dq",
"activitypub"
]
],
"content": "Not again, not again! Telerik was a favorite amongst baddies with prior deserialization and other issues.\n\nCVE-2024-6327, CVSS 9.9: In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability.docs.telerik.com/report-server/knowledge-base/deserialization-vulnerability-cve-2024-6327\n\n#ThreatIntel #Vulnerability #CVE_2024_6327",
"sig": "fa52ccacb0a9d4d18130d2c382522c9b327c1bb43faa9084df3359e6fa5fc008d961d1be43fd2f97a569ce626dbb361c8b5dfea0da6d90781c1302fb495a5cc8"
}