#VU9684 Improper security restrictions in UI for ASP.NET AJAX - CVE-2017-11317

Published: December 14, 2017 / Updated: April 11, 2022


Vulnerability identifier: #VU9684
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber
CVE-ID: CVE-2017-11317
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability: The vulnerability is being exploited in the wild
Vulnerable software: UI for ASP.NET AJAX
Software vendor: Progress Telerik

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in Progress Telerik User Interface (UI) for ASP.NET AJAX due to a weak encryption mechanism in the RadAsyncUpload control. A remote attacker can upload arbitrary files and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.


Remediation

Update to version 2017.1.118 and 2017.2.711.
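A defender's companion to the remediation above: a small audit that reads an ASP.NET web.config, checks whether the referenced Telerik.Web.UI build is at or after the fixed builds listed here, and checks that the RadAsyncUpload key settings are configured rather than left unset. This is an added example, not code from the advisory or from Progress Telerik. The appSettings names (Telerik.AsyncUpload.ConfigurationEncryptionKey, Telerik.Upload.ConfigurationHashKey) are the ones the vendor documents for this control; the version comparison is this example's reading of the two fixed builds, the 32-character minimum is an assumed local policy, and the two sample configs are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Fixed builds listed in the advisory's remediation.
FIX_2017_1 = (2017, 1, 118)
FIX_2017_2 = (2017, 2, 711)

# appSettings the vendor documents for keying RadAsyncUpload's encrypted
# configuration. The audit assumes they live under <appSettings>.
REQUIRED_KEYS = (
    "Telerik.AsyncUpload.ConfigurationEncryptionKey",
    "Telerik.Upload.ConfigurationHashKey",
)
MIN_KEY_LENGTH = 32  # assumed local policy, not a vendor requirement


def telerik_version(root):
    """Return (major, minor, build) of the referenced Telerik.Web.UI assembly, or None."""
    for node in root.iter():
        ref = node.get("assembly") or node.get("type") or ""
        m = re.search(r"Telerik\.Web\.UI,\s*Version=(\d+)\.(\d+)\.(\d+)", ref)
        if m:
            return tuple(int(x) for x in m.groups())
    return None


def is_patched(version):
    """Patched if at/after 2017.2.711, or in the 2017.1 line at/after build 118.
    This is the example's own reading of the two fixed builds in the advisory."""
    if version is None:
        return False
    if version[:2] == (2017, 1):
        return version >= FIX_2017_1
    return version >= FIX_2017_2


def audit_web_config(xml_text):
    """Return a list of findings for one web.config; an empty list means nothing to report."""
    findings = []
    root = ET.fromstring(xml_text)

    version = telerik_version(root)
    if version is None:
        findings.append("Telerik.Web.UI assembly version not found; verify the deployed build")
    elif not is_patched(version):
        findings.append("Telerik.Web.UI %d.%d.%d predates the fixed builds" % version)

    # Collect <add key="..." value="..."/> entries; assembly <add> nodes have no key.
    settings = {
        node.get("key"): node.get("value", "")
        for node in root.iter("add")
        if node.get("key")
    }
    for key in REQUIRED_KEYS:
        value = settings.get(key)
        if not value:
            findings.append(f"{key} is not set")
        elif len(value) < MIN_KEY_LENGTH:
            findings.append(f"{key} is shorter than {MIN_KEY_LENGTH} characters")
    return findings


# Constructed sample: a pre-fix build with no upload keys configured.
SAMPLE_UNPATCHED = """<configuration>
  <appSettings>
    <add key="SomeOtherSetting" value="x"/>
  </appSettings>
  <system.web>
    <compilation>
      <assemblies>
        <add assembly="Telerik.Web.UI, Version=2016.3.1027.45, Culture=neutral"/>
      </assemblies>
    </compilation>
  </system.web>
</configuration>"""

# Constructed sample: a fixed build with both keys set (placeholder values).
SAMPLE_PATCHED = """<configuration>
  <appSettings>
    <add key="Telerik.AsyncUpload.ConfigurationEncryptionKey"
         value="REPLACE-WITH-RANDOM-KEY-0123456789abcdef"/>
    <add key="Telerik.Upload.ConfigurationHashKey"
         value="REPLACE-WITH-RANDOM-KEY-fedcba9876543210"/>
  </appSettings>
  <system.web>
    <compilation>
      <assemblies>
        <add assembly="Telerik.Web.UI, Version=2017.2.711.40, Culture=neutral"/>
      </assemblies>
    </compilation>
  </system.web>
</configuration>"""

if __name__ == "__main__":
    for finding in audit_web_config(SAMPLE_UNPATCHED):
        print("UNPATCHED:", finding)
    print("PATCHED:", audit_web_config(SAMPLE_PATCHED) or "no findings")
```

Run it against a real web.config by reading the file into `audit_web_config`; a clean result only means the build and key settings look right, so the deployed assembly version should still be confirmed on the server itself.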

External links