Description

The Telerik UI component for ASP.NET AJAX processes user input directly without modification or validation, an attack can result in arbitrary file uploads and remote code execution.

It was not confirmed that remote code execution is possible, this alert was issued based on the version of the Telerik UI component.

Remediation

Upgrade to the latest version of Telerik.Web.UI for ASP.NET AJAX, and follow the guidance in the RadAsyncUpload Security Guide (https://docs.telerik.com/devtools/aspnet-ajax/controls/asyncupload/security).

References

Insecure Direct Object Reference

RadAsyncUpload Security Guide

Telerik UI for ASP.NET AJAX Release History

Related Vulnerabilities

Multiple vulnerabilities reported in Parallels Plesk Sitebuilder

Server-Side Template Injection

WordPress OptimizePress unrestricted file upload

Fortinet Authentication bypass on administrative interface

WordPress Plugin WordPress Mega Menu-QuadMenu Remote Code Execution (2.0.6)

Severity

High

Classification

CVE-2017-11357 CWE-78 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Code Execution Unauthenticated File Upload Arbitrary File Creation