SQL Server Reporting Services RCE Vulnerability CVE-2020-0618 Scanner

Stay Up To Date
Asset Type


Need Membership


Asset Verify


API Support


Estimate Time (Second)


SQL Server Reporting Services RCE Vulnerability CVE-2020-0618 Scanner Detail

If you are using SQL Server Reporting Services, it is better to check your system if any vulnerability exists.

What is SQL Server Reporting Services?

SQL Server Reporting Services (SSRS) provides a set of on-premises tools and services that create, deploy, and manage mobile and paginated reports.


Functionality within the SSRS web application allowed low privileged user accounts to run code on the server by exploiting a deserialisation issue. Although the application was only accessible to authorised users, the lowest privilege (the Browser role) was sufficient in order to exploit this issue.

Some Advice for Common Problems

Apply the February 2020 patch on the server. It should be noted that attackers can easily encode their requests to evade web application firewalls. As a result, patching would be the only robust option to stop this vulnerability.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service