Overview
- Description
- Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Known exploits
Data from CISA
- Vulnerability name
- Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability
- Exploit added on
- Jan 26, 2023
- Exploit action due
- Feb 16, 2023
- Required action
- Apply updates per vendor instructions.
Weaknesses
- nvd@nist.gov
- CWE-434
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:telerik:ui_for_asp.net_ajax:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E98B8E56-660F-4AD3-90B0-F799B2257F95",
"versionEndExcluding": "2020.1.114"
}
],
"operator": "OR"
}
]
}
]