Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
telerik vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-11414
An issue exists in Progress Telerik UI for Silverlight prior to 2020.1.330. The RadUploadHandler class in RadUpload for Silverlight expects a web request that provides the file location of the uploading file along with a few other parameters. The uploading file location should be...
Telerik Ui For Silverlight
7.5
CVSSv2
CVE-2019-18935
Progress Telerik UI for ASP.NET AJAX up to and including 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Explo...
Telerik Ui For Asp.net Ajax
17 Github repositories
2 Articles
7.5
CVSSv2
CVE-2014-2217
Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote malicious users to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadat...
Telerik Ui For Asp.net Ajax
1 Github repository
7.5
CVSSv2
CVE-2017-11357
Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote malicious users to perform arbitrary file uploads or execute arbitrary code.
Telerik Ui For Asp.net Ajax
1 EDB exploit
4 Github repositories
7.5
CVSSv2
CVE-2021-28141
An issue exists in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows unauthorized access to MicrosoftAjax.js through the Telerik.Web.UI.WebResource.axd file. This may allow the malicious user to gain unauthorized access to the server and execute code. To exploit, one mus...
Telerik Ui For Asp.net Ajax 2021.1.224
5
CVSSv2
CVE-2018-17060
Telerik Extensions for ASP.NET MVC (all versions) does not whitelist requests, which can allow a remote malicious user to access files inside the server's web directory. NOTE: this product has been obsolete since June 2013.
Progress Telerik Extensions For Asp.net Mvc
4.3
CVSSv2
CVE-2017-9140
Cross-site scripting (XSS) vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote malicious users to inject arbitrary web script or HTML via the bgColor parameter to Telerik...
Progress Telerik Reporting
Progress Sitefinity Cms
7.8
CVSSv2
CVE-2014-0701
Cisco Wireless LAN Controller (WLC) devices 7.0 prior to 7.0.250.0, 7.2, 7.3, and 7.4 prior to 7.4.110.0 do not properly deallocate memory, which allows remote malicious users to cause a denial of service (reboot) by sending WebAuth login requests at a high rate, aka Bug ID CSCuf...
Cisco Wireless Lan Controller Software 7.2
Cisco Wireless Lan Controller Software 7.2.110.0
Cisco Wireless Lan Controller Software 7.3.101.0
Cisco Wireless Lan Controller Software 7.0
Cisco Wireless Lan Controller Software 7.0.220.0
Cisco Wireless Lan Controller Software 7.0.235.0
Cisco Wireless Lan Controller Software 7.4.100.0
Cisco Wireless Lan Controller Software 7.4.100.60
Cisco Wireless Lan Controller Software 7.2.103.0
Cisco Wireless Lan Controller Software 7.3
10
CVSSv2
CVE-2014-0703
Cisco Wireless LAN Controller (WLC) devices 7.4 prior to 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote malicious users to bypass intended access restrictions by connecting to an Aironet access ...
Cisco Wireless Lan Controller Software 7.4.100.0
Cisco Wireless Lan Controller Software 7.4.100.60
Cisco Wireless Lan Controller
7.1
CVSSv2
CVE-2014-0705
The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 prior to 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote malicious users to cause a denial of service (device restart) via a malformed IPv6 MLDv2 packet, ...
Cisco Wireless Lan Controller Software 7.2
Cisco Wireless Lan Controller Software 7.2.110.0
Cisco Wireless Lan Controller Software 7.3
Cisco Wireless Lan Controller Software 7.3.101.0
Cisco Wireless Lan Controller Software 7.4.100.0
Cisco Wireless Lan Controller Software 7.5
Cisco Wireless Lan Controller Software 7.2.103.0
Cisco Wireless Lan Controller Software 7.4.100.60
Cisco Wireless Lan Controller
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »