CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2217

Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.057

EPSS Ranking 89.9%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2014-2217

Telerik » Ui For Asp.net Ajax » Version: N/A

cpe:2.3:a:telerik:ui_for_asp.net_ajax:-
Telerik » Ui For Asp.net Ajax » Version: 2011.1.315

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.1.315
Telerik » Ui For Asp.net Ajax » Version: 2011.1315

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.1315
Telerik » Ui For Asp.net Ajax » Version: 2011.1413

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.1413
Telerik » Ui For Asp.net Ajax » Version: 2011.1519

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.1519
Telerik » Ui For Asp.net Ajax » Version: 2011.2712

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.2712
Telerik » Ui For Asp.net Ajax » Version: 2011.2915

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.2915
Telerik » Ui For Asp.net Ajax » Version: 2011.3.1305

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.3.1305
Telerik » Ui For Asp.net Ajax » Version: 2011.31115

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.31115
Telerik » Ui For Asp.net Ajax » Version: 2012.1.215

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.1.215
Telerik » Ui For Asp.net Ajax » Version: 2012.1.411

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.1.411
Telerik » Ui For Asp.net Ajax » Version: 2012.2.607

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.2.607
Telerik » Ui For Asp.net Ajax » Version: 2012.2.724

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.2.724
Telerik » Ui For Asp.net Ajax » Version: 2012.2.912

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.2.912
Telerik » Ui For Asp.net Ajax » Version: 2012.3.1016

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.3.1016
Telerik » Ui For Asp.net Ajax » Version: 2012.3.1205

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.3.1205
Telerik » Ui For Asp.net Ajax » Version: 2012.3.1308

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.3.1308
Telerik » Ui For Asp.net Ajax » Version: 2013.1.220

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.1.220
Telerik » Ui For Asp.net Ajax » Version: 2013.1.403

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.1.403
Telerik » Ui For Asp.net Ajax » Version: 2013.1.417

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.1.417
Telerik » Ui For Asp.net Ajax » Version: 2013.2.611

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.2.611
Telerik » Ui For Asp.net Ajax » Version: 2013.2.717

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.2.717
Telerik » Ui For Asp.net Ajax » Version: 2013.3.1015

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.3.1015
Telerik » Ui For Asp.net Ajax » Version: 2013.3.1114

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.3.1114
Telerik » Ui For Asp.net Ajax » Version: 2013.3.1324

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.3.1324
Telerik » Ui For Asp.net Ajax » Version: 2014.1.225

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2014.1.225
Telerik » Ui For Asp.net Ajax » Version: 2014.1.403

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2014.1.403
Telerik » Ui For Asp.net Ajax » Version: 2014.2.618

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2014.2.618
Telerik » Ui For Asp.net Ajax » Version: 2014.2.724

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2014.2.724
Telerik » Ui For Asp.net Ajax » Version: 2014.3.1024

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2014.3.1024
Telerik » Ui For Asp.net Ajax » Version: 2014.3.1209

cpe:2.3:a:telerik:ui_for_asp.net_ajax:2014.3.1209

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2217

Products

Pricing

Contact Us