CVE-2017-11357

Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to...

Basic Information

CVE State: PUBLISHED
Reserved Date: July 16, 2017
Published Date: August 23, 2017
Last Updated: February 07, 2025
Vendor: Progress
Product: Telerik UI for ASP.NET AJAX
Description: Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.
Tags

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0

7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2023-01-26 00:00:00 UTC) Source
Used in Malware: Yes (added 2023-01-26 00:00:00 UTC) Source

References

https://www.exploit-db.com/exploits/43874/ http://www.telerik.com/support/kb/aspnet-ajax/upload-%28async%29/details/insecure-direct-object-reference

Known Exploited Vulnerability Information

Source	Added Date
CISA	2023-01-26 00:00:00 UTC

Timeline

CVE ID Reserved

July 16, 2017
CVE Published to Public

August 23, 2017
Exploit Used in Malware

January 26, 2023
Added to KEVIntel

January 26, 2023