← ExploitWatch
HomeExploited Vulnerabilities

CVE-2017-11357 — Actively Exploited: User Interface (UI) for ASP.NET AJAX (Telerik)

Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution.

CVE IDCVE-2017-11357
VendorTelerik
ProductUser Interface (UI) for ASP.NET AJAX
Vulnerability nameTelerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability
Date added2023-01-26
Remediation due2023-02-16
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionTelerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →