AjaxControlToolkit directory traversal
Description
AjaxControlToolkit versions 7.429 through 7.1213 contain a directory traversal vulnerability in the file upload functionality. An attacker can manipulate file paths during upload to write files outside the intended directory, potentially placing executable code in web-accessible locations. This vulnerability was introduced in version 7.429 (released April 30, 2013) and affects all versions prior to 15.1. The flaw is particularly dangerous on web servers with permissive file execution configurations.
Vulnerable versions:
- 7.1213.0
- 7.1005.0
- 7.1002.0
- 7.930.0
- 7.725.0
- 7.607.0
- 7.429.0
Remediation
Immediately upgrade AjaxControlToolkit to version 15.1 or later, which addresses this vulnerability. Follow these steps:

1. Update the package: use NuGet Package Manager to upgrade to the latest version:
   Update-Package AjaxControlToolkit
2. Verify the version: confirm the installed version is 15.1 or higher by checking your packages.config or project references.
3. Review server configuration: as a defense-in-depth measure, ensure your web server is configured to prevent execution of files in upload directories by removing script execution permissions and implementing strict file type validation.
4. Test thoroughly: after upgrading, test all file upload functionality to ensure proper operation and that directory traversal attempts are blocked.

If immediate upgrade is not possible, implement temporary mitigations such as disabling file upload functionality or adding server-level path validation to reject requests containing directory traversal sequences (../, ..\).
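The server-level path validation mentioned as a temporary mitigation can be implemented in the application itself. The following is an added example written for this page; it is not code from AjaxControlToolkit or from the fixed 15.1 release. The class name `SafeUploadPath`, the `uploadRoot` and `clientFileName` parameters and the `AllowedExtensions` list are assumptions chosen for illustration. It rejects names carrying traversal sequences or separators, applies an extension allowlist, and as a final check resolves the candidate path and confirms it still lies under the upload root, so a bypass of the string checks cannot place a file elsewhere.

```csharp
using System;
using System.IO;
using System.Linq;

// Added example (not part of the AjaxControlToolkit code base): keeps an
// uploaded file inside the intended upload directory.
public static class SafeUploadPath
{
    // Hypothetical allowlist of extensions the application accepts.
    private static readonly string[] AllowedExtensions = { ".png", ".jpg", ".pdf" };

    // Returns the full destination path, or null when the name is unsafe.
    public static string Resolve(string uploadRoot, string clientFileName)
    {
        if (string.IsNullOrWhiteSpace(clientFileName))
            return null;

        // Reject traversal sequences (../, ..\), path separators and any
        // character the file system would not accept in a file name.
        if (clientFileName.Contains("..") ||
            clientFileName.IndexOfAny(new[] { '/', '\\' }) >= 0 ||
            clientFileName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
            return null;

        // Strict file type validation: only allowlisted extensions pass.
        string ext = Path.GetExtension(clientFileName).ToLowerInvariant();
        if (!AllowedExtensions.Contains(ext))
            return null;

        // Normalize the root once (trailing separator so "uploads2" does not
        // match "uploads"), then resolve the candidate against it.
        string root = Path.GetFullPath(uploadRoot)
            .TrimEnd(Path.DirectorySeparatorChar, Path.AltDirectorySeparatorChar)
            + Path.DirectorySeparatorChar;
        string candidate = Path.GetFullPath(Path.Combine(root, clientFileName));

        // Containment check: the resolved path must remain under the root.
        if (!candidate.StartsWith(root, StringComparison.OrdinalIgnoreCase))
            return null;

        return candidate;
    }

    public static void Main()
    {
        // Constructed sample inputs for a stand-alone run.
        string root = Path.Combine(Path.GetTempPath(), "uploads");
        Console.WriteLine(Resolve(root, "report.pdf"));
        Console.WriteLine(Resolve(root, @"..\web.config") == null);
        Console.WriteLine(Resolve(root, "../shell.aspx") == null);
        Console.WriteLine(Resolve(root, "page.aspx") == null);
    }
}
```

Call `Resolve` before handing the name to any file-writing API and treat a null result as a rejected request. The string checks are the first line of defense; the `Path.GetFullPath` containment check is what actually guarantees the write stays inside the upload directory, and it should be kept even once the package is upgraded, in line with the defense-in-depth step above.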