Shodan
Vulnerabilities
Vulnerable Software
Progress:  >> Telerik Reporting  >> 12.1.18.516  Security Vulnerabilities
CVE-2024-6097
In Progress® Telerik® Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-02-12
CVE-2024-8048
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible using object injection via insecure expression evaluation.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-10-09
CVE-2024-7840
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a command injection attack is possible through improper neutralization of hyperlink elements.
CVSS Score
7.8
EPSS Score
0.003
Published
2024-10-09
CVE-2024-8014
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection via an insecure type resolution vulnerability.
CVSS Score
8.8
EPSS Score
0.021
Published
2024-10-09
CVE-2024-6096
In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is possible through object injection via an insecure type resolution vulnerability.
CVSS Score
8.8
EPSS Score
0.014
Published
2024-07-24
CVE-2024-4200
In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.2.514), a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability.
CVSS Score
7.7
EPSS Score
0.0
Published
2024-05-15
CVE-2024-4202
In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.514), a code execution attack is possible through an insecure instantiation vulnerability.
CVSS Score
7.7
EPSS Score
0.0
Published
2024-05-15
CVE-2024-1856
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a remote threat actor through an insecure deserialization vulnerability.
CVSS Score
8.5
EPSS Score
0.004
Published
2024-03-20
CVE-2024-1801
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability.
CVSS Score
7.7
EPSS Score
0.0
Published
2024-03-20
CVE-2024-0832
In Telerik Reporting versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component.  In an environment where an existing Telerik Reporting install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system.
CVSS Score
7.8
EPSS Score
0.007
Published
2024-01-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved