How severe is CVE-2017-11317?

CVE-2017-11317 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2017-11317

Name: ui_for_asp.net_ajax
Author: telerik

9.8CRITICAL

Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or

公開日: 8/23/2017更新日: 10/22/2025

CISA既知の悪用された脆弱性

Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code.

必要な対応:

Apply updates per vendor instructions.

期限:

2022-05-02

説明

Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.

AI分析AIによる分析

影響を受ける製品

telerikui_for_asp.net_ajax

2017.2.503

telerikui_for_asp.net_ajax

2017.2.621

CISA既知の悪用された脆弱性

説明

AI分析AIによる分析

影響を受ける製品

利用可能なエクスプロイト (1)

Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Arbitrary File Upload

参照