Progress Telerik Report Server — known CVE vulnerabilities
Every CVE whose affected-product data names Progress Telerik Report Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2024-6327 — CVSS 9.9 (critical): In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an…
CVE-2024-1800 — CVSS 9.9 (critical): In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an…
CVE-2024-8015 — CVSS 9.1 (critical): In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object…
CVE-2025-0556 — CVSS 8.8 (high): In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation…
CVE-2024-7292 — CVSS 7.5 (high): In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible through improper…
CVE-2024-7295 — CVSS 7.1 (high): In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm…
CVE-2024-4837 — CVSS 5.3 (medium): In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik…