Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.
Sign upTelerik UI for ASP.NET AJAX RadAsyncUpload Enabled #308
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
A new flaw has been found in Telerik UI for ASP.NET AJAX (CVE-2019-18935), which can allow for RCE. Due to the fact that there doesn't appear to be possible to reliably determine the version of the software being used, it's not possible to determine if it is vulnerable.
We can however, tell if the key feature is enabled, by sending a get to
/Telerik.Web.UI.WebResource.axd?type=rauand looking for the following:The other option would be to build out a full exploit, but that could be too complex / slow to be reasonable. We will take the approach that we should warn if this is found at all, and let the user dig into it manually (we can save time by pointing it out, but we can't do everything for them.)