How severe is CVE-2017-11317?

CVE-2017-11317 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2017-11317

Name: ui_for_asp.net_ajax
Author: telerik

9.8CRITICAL

Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or

Veröffentlicht: 8/23/2017Aktualisiert: 10/22/2025

CISA Bekannte Ausgenutzte Schwachstelle

Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code.

Erforderliche Maßnahme:

Apply updates per vendor instructions.

Fälligkeitsdatum:

2022-05-02

Beschreibung

Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.

KI-AnalyseKI-gestützt

Betroffene Produkte

telerikui_for_asp.net_ajax

2017.2.503

telerikui_for_asp.net_ajax

2017.2.621

CISA Bekannte Ausgenutzte Schwachstelle

Beschreibung

KI-AnalyseKI-gestützt

Betroffene Produkte

Verfügbare Exploits (1)

Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Arbitrary File Upload

Referenzen