Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:18 a.m.21 views

CVE-2019-18935

Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote...

9.8CVSS9.9AI score0.99737EPSS
Exploits20References1
Prion
Prion
added 2021/12/22 6:15 a.m.43 views

Deserialization of untrusted data

An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An attacker can leverage this vulnerability when the encryption keys are known due...

7.5CVSS9.6AI score0.83476EPSS
Exploits9References1Affected Software1
CVE
CVE
added 2021/12/22 5:8 a.m.249 views

CVE-2021-44029

CVE-2021-44029 affects Quest KACE Desktop Authority prior to 11.2. The issue allows remote code execution via deserialization in the RadAsyncUpload function of ASP.NET AJAX; exploitation is possible when encryption keys are known (related to CVE-2017-11317/11357 or other means). In newer ASP.NET ...

9.8CVSS9.6AI score0.00868EPSS
In wildExploits0References1Affected Software1
Circl
Circl
added 2020/10/20 3:57 p.m.10 views

CVE-2017-11357

creationtimestamp| type| source ---|---|--- 2020-10-20 15:57:21+00:00| seen| MISP/42d04e94-bf5b-427d-acc8-f5d740675941 2020-10-20 15:58:04+00:00| seen| MISP/d925a2ee-e7cf-46f6-bec1-ad8e19122730 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-06-17 09:49:44+00:00|...

9.8CVSS7.5AI score0.75709EPSS
Exploits5References5
Check Point Advisories
Check Point Advisories
added 2020/07/13 12:0 a.m.30 views

Telerik UI Arbitrary File Upload (CVE-2017-11317; CVE-2017-11357)

An arbitrary file upload vulnerability exists in Telerik UI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS4.9AI score0.83476EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2020/07/01 12:0 a.m.188 views

Telerik UI for ASP.NET AJAX RadAsyncUpload .NET Deserialization Vulnerability

According to its self-reported version number, the version of Telerik UI for ASP.NET AJAX prior to 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or...

9.8CVSS10AI score0.99737EPSS
Exploits20References3
GithubExploit
GithubExploit
added 2020/05/29 7:29 a.m.1007 views

Exploit for Deserialization of Untrusted Data in Telerik Ui_For_Asp.Net_Ajax

RAUcrypto !Languagehttps://img.shields.io/badge/Lang-Pyth...

9.8CVSS8.9AI score0.99737EPSS
Exploits23
Tenable Nessus
Tenable Nessus
added 2020/04/24 12:0 a.m.580 views

Telerik UI for ASP.NET AJAX RadAsyncUpload .NET Deserialization Vulnerability

Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote...

9.8CVSS8.5AI score0.99737EPSS
Exploits19References4
Openbugbounty
Openbugbounty
added 2020/04/07 3:29 p.m.7 views

wowhomes.vn Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1135714 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

0.6AI score
Exploits0
Prion
Prion
added 2019/12/11 1:15 p.m.50 views

Deserialization of untrusted data

Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote...

7.5CVSS9.7AI score0.99737EPSS
Exploits20References10Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/03/02 12:0 a.m.625 views

Telerik UI for ASP.NET AJAX RadAsyncUpload Multiple Vulnerabilities

The version of Telerik UI for ASP.NET AJAX installed on the remote Windows host is affected by multiple vulnerabilities in Telerik.Web.UI.dll. An unauthenticated, remote attacker can exploit this, via specially crafted data, to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Securit...

9.8CVSS9.2AI score0.83476EPSS
Exploits9References4
Exploit DB
Exploit DB
added 2018/01/24 12:0 a.m.140 views

Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Arbitrary File Upload

Exploit Title: Telerik UI for ASP.NET AJAX RadAsyncUpload uploader Filename: RAUcrypto.py Github: https://github.com/bao7uo/RAUcrypto Date: 2018-01-23 Exploit Author: Paul Taylor / Foregenix Ltd Website: http://www.foregenix.com/blog Version: Telerik UI for ASP.NET AJAX CVE: CVE-2017-11317,...

9.8CVSS9.8AI score0.83476EPSS
Exploits9
GithubExploit
GithubExploit
added 2018/01/09 1:53 p.m.302 views

Exploit for Inadequate Encryption Strength in Telerik Ui_For_Asp.Net_Ajax

RAUcrypto !Languagehttps://img.shields.io/badge/Lang-Pyth...

9.8CVSS8.8AI score0.99737EPSS
Exploits23
Vulnrichment
Vulnrichment
added 2017/08/23 5:0 p.m.15 views

CVE-2017-11357

Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code...

7.8AI score0.75709EPSS
Exploits5References2
Cvelist
Cvelist
added 2017/08/23 5:0 p.m.38 views

CVE-2017-11357

Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code...

9.8AI score0.75709EPSS
Exploits5References2
ATTACKERKB
ATTACKERKB
added 2017/08/23 12:0 a.m.41 views

CVE-2017-11357

Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...

9.8CVSS6.5AI score0.75709EPSS
In wildExploits5References4
Rows per page
Query Builder