Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Telerik Web UI Improper Input Validation Vulnerability - CVE-2017-11357 - Vulnerability Database
Telerik Web UI

Telerik Web UI Improper Input Validation Vulnerability - CVE-2017-11357

Critical
Reference: CVE-2017-11357
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-11357
Title: Telerik Web UI Improper Input Validation Vulnerability
Overview:

Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.