Vulnerability feed

Vulnerability

CVE-2017-11317

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2017-11317
Description:: Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.
Last updated date:: 07/03/2024

Reports

alt

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 05/16/2019
Reference url to background: https://www.cyber.gov.au/acsc/view-all-content/alerts/2019-126-vulnerable-version-telerik-ui-being-actively-exploited-apt-actor

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 04/11/2022
Reference url to background: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:: exploit
Confidence:: HIGH
Date of publishing:: 01/09/2018
Reference url to background: https://github.com/bao7uo/RAU_crypto

Type:: exploit
Confidence:: HIGH
Date of publishing:: 01/24/2018
Reference url to background: https://www.exploit-db.com/exploits/43874

Type:: exploit
Confidence:: HIGH
Date of publishing:: 02/24/2021
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/telerik_rau_deserialization.rb

Type:: exploit
Confidence:: HIGH
Date of publishing:: 07/03/2024
Reference url to background: http://packetstormsecurity.com/files/159653/Telerik-UI-ASP.NET-AJAX-RadAsyncUpload-Deserialization.html

Type:: exploit
Confidence:: HIGH
Date of publishing:: 07/03/2024
Reference url to background: https://www.exploit-db.com/exploits/43874/

Vulnerability Feed Contributors About Blog

@inTheWild

©2024 |