Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
telerik vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-11414
An issue exists in Progress Telerik UI for Silverlight prior to 2020.1.330. The RadUploadHandler class in RadUpload for Silverlight expects a web request that provides the file location of the uploading file along with a few other parameters. The uploading file location should be...
Telerik Ui For Silverlight
9.8
CVSSv3
CVE-2017-11357
Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote malicious users to perform arbitrary file uploads or execute arbitrary code.
Telerik Ui For Asp.net Ajax
1 EDB exploit
4 Github repositories
9.8
CVSSv3
CVE-2019-18935
Progress Telerik UI for ASP.NET AJAX up to and including 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Explo...
Telerik Ui For Asp.net Ajax
18 Github repositories
2 Articles
NA
CVE-2014-2217
Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote malicious users to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadat...
Telerik Ui For Asp.net Ajax
1 Github repository
6.1
CVSSv3
CVE-2017-9140
Cross-site scripting (XSS) vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote malicious users to inject arbitrary web script or HTML via the bgColor parameter to Telerik...
Progress Telerik Reporting
Progress Sitefinity Cms
5.3
CVSSv3
CVE-2018-17060
Telerik Extensions for ASP.NET MVC (all versions) does not whitelist requests, which can allow a remote malicious user to access files inside the server's web directory. NOTE: this product has been obsolete since June 2013.
Progress Telerik Extensions For Asp.net Mvc
9.8
CVSSv3
CVE-2021-28141
An issue exists in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows unauthorized access to MicrosoftAjax.js through the Telerik.Web.UI.WebResource.axd file. This may allow the malicious user to gain unauthorized access to the server and execute code. To exploit, one mus...
Telerik Ui For Asp.net Ajax 2021.1.224
NA
CVE-2014-0703
Cisco Wireless LAN Controller (WLC) devices 7.4 prior to 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote malicious users to bypass intended access restrictions by connecting to an Aironet access ...
Cisco Wireless Lan Controller Software 7.4.100.0
Cisco Wireless Lan Controller Software 7.4.100.60
Cisco Wireless Lan Controller
NA
CVE-2014-0705
The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 prior to 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote malicious users to cause a denial of service (device restart) via a malformed IPv6 MLDv2 packet, ...
Cisco Wireless Lan Controller Software 7.2
Cisco Wireless Lan Controller Software 7.2.110.0
Cisco Wireless Lan Controller Software 7.3
Cisco Wireless Lan Controller Software 7.3.101.0
Cisco Wireless Lan Controller Software 7.4.100.0
Cisco Wireless Lan Controller Software 7.5
Cisco Wireless Lan Controller Software 7.2.103.0
Cisco Wireless Lan Controller Software 7.4.100.60
Cisco Wireless Lan Controller
NA
CVE-2014-0706
Cisco Wireless LAN Controller (WLC) devices 7.2 prior to 7.2.115.2, 7.3, and 7.4 prior to 7.4.110.0 allow remote malicious users to cause a denial of service (device restart) via a crafted 802.11 Ethernet frame, aka Bug ID CSCue87929.
Cisco Wireless Lan Controller Software 7.2.103.0
Cisco Wireless Lan Controller Software 7.4.100.60
Cisco Wireless Lan Controller Software 7.2.110.0
Cisco Wireless Lan Controller Software 7.3
Cisco Wireless Lan Controller Software 7.3.101.0
Cisco Wireless Lan Controller Software 7.4.100.0
Cisco Wireless Lan Controller Software 7.2
Cisco Wireless Lan Controller
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »