CVE-2017-11357

Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability

Description

Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution.

Severity: CRITICAL

CVSS Score: 9.8

Vendor: Telerik

Product: User Interface (UI) for ASP.NET AJAX

Loading CVE details...

Footer

Platform

Cyber Security
Asset Management

Resources

Blog
CVE Database
Breach Database
Vulnerability Database
Calculator

Company

About Us
Careers
Contact
Legal Notice
Privacy Policy

Latest Articles

CVSS v4.0: What Changes in Vulnerability Scoring and What It Means for Your Security Program
Browser-in-the-Browser Attacks: How Fake Login Windows Steal Your Credentials
Attack Surface Analysis: How to Identify and Reduce Your Organization's Exposure

Address

turingsecure GmbH
Neuer Wall 80
20354 Hamburg

[email protected]

LinkedInLinkedIn GitHubGitHub

© 2026 turingsecure GmbH. All rights reserved.