CVE-2024-4358 & CVE-2024-1800: PoC Exploit Published for Pre-Authenticated RCE Chain in Progress Telerik Report Server

Share :

On 31 May 2024, a Proof of Concept (PoC) exploit and technical analysis were published for a pre-authentication Remote Code Execution (RCE) exploit chain impacting Telerik Report Server, a product by Progress designed for streamlined report management within organisations. The technical analysis demonstrated how threat actors can utilise the recently disclosed authentication bypass vulnerability (CVE-2024-4358) to circumvent low privilege requirements and achieve RCE (CVE-2024-1800) on vulnerable Telerik Report Servers. 

While these vulnerabilities are not currently being actively exploited, Arctic Wolf has previously observed other Progress products being targeted by threat actors in the past. In 2023, the Cl0p ransomware group exploited a zero-day vulnerability (CVE-2023-34362) in Progress’s MOVEit Transfer to target over two thousand organisations globally. Threat actors are likely to target these vulnerabilities in the near term due to the publicly accessible PoC exploit and ease of exploitation. 

Recommendations for CVE-2024-4358 & CVE-2024-1800

Arctic Wolf strongly recommends updating to the latest version of Telerik Report Server. Please follow your organisation’s patching and testing guidelines to avoid any operational impact. 

Product  Affected Version  Fixed Version 
Progress Telerik Report Server  2024 Q1 ( and older  2024 Q2 ( 


Note: The insecure deserialisation vulnerability (CVE-2024-1800) impacts Report Server versions prior to 2024 Q1 ( and is remediated in Report Server 2024 Q1 ( However, to completely resolve the exploit chain update to the latest version of Telerik Report Server. 


Picture of Andres Ramos

Andres Ramos

Andres Ramos is a Threat Intelligence Researcher at Arctic Wolf with a strong background in tracking emerging threats and producing actionable intelligence for both technical and non-technical stakeholders. He has a diverse background encompassing various domains of cyber security, holds a degree in Cybersecurity Engineering, and is a CISSP.
Share :
Table of Contents