Vulnerability Details CVE-2017-11317
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.928
EPSS Ranking 99.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Proposed Action
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code.
Ransomware Campaign
Unknown
References
- http://packetstormsecurity.com/files/159653/Telerik-UI-ASP.NET-AJAX-RadAsyncUpload-Deserialization.html
- http://www.telerik.com/support/kb/aspnet-ajax/upload-%28async%29/details/unrestricted-file-upload
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0006
- https://www.exploit-db.com/exploits/43874/
- http://packetstormsecurity.com/files/159653/Telerik-UI-ASP.NET-AJAX-RadAsyncUpload-Deserialization.html
- http://www.telerik.com/support/kb/aspnet-ajax/upload-%28async%29/details/unrestricted-file-upload
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0006
- https://www.exploit-db.com/exploits/43874/
Products affected by CVE-2017-11317
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:-
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.1.315
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.1315
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.1413
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.1519
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.2712
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.2915
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.3.1305
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2011.31115
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.1.215
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.1.411
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.2.607
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.2.724
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.2.912
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.3.1016
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.3.1205
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2012.3.1308
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.1.220
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.1.403
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.1.417
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.2.611
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.2.717
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.3.1015
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.3.1114
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2013.3.1324
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2014.1.225
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2014.1.403
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2014.2.618
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2014.2.724
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2014.3.1024
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2014.3.1209
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2015.1.204
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2015.1.225
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2015.2.604
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2015.2.623
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2015.2.729
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2015.2.826
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2015.3.1111
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2015.3.930
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2016.1.113
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2016.1.225
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2016.2.504
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2016.2.607
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2016.3.1018
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2016.3.1027
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2016.3.914
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2017.2.503
-
cpe:2.3:a:telerik:ui_for_asp.net_ajax:2017.2.621