All 10 CVE vulnerabilities found in Telerik Report Server, with AI-generated Chinese analysis, references, and POCs.
Vendor: Progress Software Corporation
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2025-0556 | Telerik Report Server Clear Text Transmission of Agent Commands CWE-319 | 8.8 | High | 2025-02-12 |
| CVE-2024-7295 | Hard-coded credentials used for temporary and cache data encryption CWE-798 | 7.1 | High | 2024-11-13 |
| CVE-2024-7292 | Account Controller allows high count of login attempts CWE-307 | 7.5 | High | 2024-10-09 |
| CVE-2024-7294 | Uncontrolled resource consumption of anonymous endpoints CWE-400 | 7.5 | High | 2024-10-09 |
| CVE-2024-7293 | Password policy for new users is not strong enough CWE-521 | 7.5 | High | 2024-10-09 |
| CVE-2024-6327 | Progress Telerik Report Server Deserialization CWE-502 | 9.9 | Critical | 2024-07-24 |
| CVE-2024-4358 | Registration Authentication Bypass Vulnerability CWE-290 | 9.8 | Critical | 2024-05-29 |
| CVE-2024-4837 | Trust Boundary Violation Vulnerability CWE-200 | 5.3 | Medium | 2024-05-15 |
| CVE-2024-4357 | XML External Entity Processing Information Disclosure CWE-611 | 6.5 | Medium | 2024-05-15 |
| CVE-2024-1800 | Progress Telerik Report Server Deserialization CWE-502 | 9.9 | Critical | 2024-03-20 |
All 10 known CVE vulnerabilities affecting Telerik Report Server with full Chinese analysis, references, and POCs where available.