How severe is CVE-2017-11317?

CVE-2017-11317 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2017-11317

Name: ui_for_asp.net_ajax
Author: telerik

9.8CRITICAL

Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or

게시됨: 8/23/2017업데이트됨: 10/22/2025

CISA 알려진 악용 취약점

Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code.

필요한 조치:

Apply updates per vendor instructions.

마감일:

2022-05-02

설명

Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.

AI 분석AI 기반

영향받는 제품

telerikui_for_asp.net_ajax

2017.2.503

telerikui_for_asp.net_ajax

2017.2.621

CISA 알려진 악용 취약점

설명

AI 분석AI 기반

영향받는 제품

사용 가능한 익스플로잇 (1)

Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Arbitrary File Upload

참조