CVE-2017-11357

Warnung

Exploit

EPSS 93.42%
Veröffentlicht 23.08.2017 17:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.

Betroffene Produkte Warnungen 1 Metriken 4 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Telerik ≫ Ui For Asp.Net Ajax Version < 2020.1.114

26.01.2023: CISA Known Exploited Vulnerabilities (KEV) Catalog

Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability

Schwachstelle

Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	93.42%	0.998

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

https://www.exploit-db.com/exploits/43874/

Third Party Advisory

Exploit

VDB Entry

http://www.telerik.com/support/kb/aspnet-ajax/upload-%28async%29/details/insecure-direct-object-reference

Vendor Advisory

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2017-11357

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-11357

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-11357

EUVD