CVE-2017-9248 - Telerik UI Encryption Keys Disclosure.bcheck
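metadata:
    language: v1-beta
    name: "CVE-2017-9248 - Telerik UI Encryption Keys Disclosure"
    description: "Telerik UI versions 2007.1423 to 2017.1.118 are vulnerable to CVE-2017-9248"
    tags: "CVE-2017-9248"
    author: "DemonGod"

# Passive fingerprint check: it only inspects response bodies the scanner has
# already received and sends no additional requests. A finding means "a
# response references Telerik.Web.UI.WebResource.axd and also contains one of
# the listed version strings"; it does not confirm that the dialog handler is
# reachable or that no vendor patch or custom key configuration is in place.
given response then
    # The version literals are plain substring matches anywhere in the body and
    # are not anchored to the Telerik resource reference, so an unrelated
    # occurrence of the same digits also satisfies the condition.
    # NOTE(review): older entries are written without a dot between the release
    # digit and the build (e.g. "2007.31218"), while later ones use the dotted
    # form (e.g. "2012.1.215"). Confirm each literal matches the format the
    # server actually emits, and that the fixed list covers every affected
    # build named in the vendor advisory.
    if (("Telerik.Web.UI.WebResource.axd" in {latest.response.body}) and ("2007.1423" in {latest.response.body} or "2007.1521" in {latest.response.body} or "2007.1626" in {latest.response.body} or "2007.2918" in {latest.response.body} or "2007.21010" in {latest.response.body} or "2007.21107" in {latest.response.body} or "2007.31218" in {latest.response.body} or "2007.31314" in {latest.response.body} or "2007.31425" in {latest.response.body} or "2008.1415" in {latest.response.body} or "2008.1515" in {latest.response.body} or "2008.1619" in {latest.response.body} or "2008.2723" in {latest.response.body} or "2008.2826" in {latest.response.body} or "2008.21001" in {latest.response.body} or "2008.31105" in {latest.response.body} or "2008.31125" in {latest.response.body} or "2008.31314" in {latest.response.body} or "2009.1311" in {latest.response.body} or "2009.1402" in {latest.response.body} or "2009.1527" in {latest.response.body} or "2009.2701" in {latest.response.body} or "2009.2826" in {latest.response.body} or "2009.31103" in {latest.response.body} or "2009.31208" in {latest.response.body} or "2009.31314" in {latest.response.body} or "2010.1309" in {latest.response.body} or "2010.1415" in {latest.response.body} or "2010.1519" in {latest.response.body} or "2010.2713" in {latest.response.body} or "2010.2826" in {latest.response.body} or "2010.2929" in {latest.response.body} or "2010.31109" in {latest.response.body} or "2010.31215" in {latest.response.body} or "2010.31317" in {latest.response.body} or "2011.1315" in {latest.response.body} or "2011.1413" in {latest.response.body} or "2011.1519" in {latest.response.body} or "2011.2712" in {latest.response.body} or "2011.2915" in {latest.response.body} or "2011.31115" in {latest.response.body} or "2011.3.1305" in {latest.response.body} or "2012.1.215" in {latest.response.body} or "2012.1.411" in {latest.response.body} or "2012.2.607" in {latest.response.body} or "2012.2.724" in {latest.response.body} or "2012.2.912" in {latest.response.body} or "2012.3.1016" in {latest.response.body} or "2012.3.1205" in {latest.response.body} or "2012.3.1308" in {latest.response.body} or "2013.1.220" in {latest.response.body} or "2013.1.403" in {latest.response.body} or "2013.1.417" in {latest.response.body} or "2013.2.611" in {latest.response.body} or "2013.2.717" in {latest.response.body} or "2013.3.1015" in {latest.response.body} or "2013.3.1114" in {latest.response.body} or "2013.3.1324" in {latest.response.body} or "2014.1.225" in {latest.response.body} or "2014.1.403" in {latest.response.body} or "2014.2.618" in {latest.response.body} or "2014.2.724" in {latest.response.body} or "2014.3.1024" in {latest.response.body} or "2015.1.204" in {latest.response.body} or "2015.1.225" in {latest.response.body} or "2015.1.401" in {latest.response.body} or "2015.2.604" in {latest.response.body} or "2015.2.623" in {latest.response.body} or "2015.2.729" in {latest.response.body} or "2015.2.826" in {latest.response.body} or "2015.3.930" in {latest.response.body} or "2015.3.1111" in {latest.response.body} or "2016.1.113" in {latest.response.body} or "2016.1.225" in {latest.response.body} or "2016.2.504" in {latest.response.body} or "2016.2.607" in {latest.response.body} or "2016.3.914" in {latest.response.body} or "2016.3.1018" in {latest.response.body} or "2016.3.1027" in {latest.response.body} or "2017.1.118" in {latest.response.body})) then
        report issue:
            severity: high
            # Version fingerprinting alone cannot prove the flaw is present, so
            # the finding is reported as "firm" rather than "certain"; triage
            # should confirm the deployed assembly version on the host.
            confidence: firm
            detail: "A vulnerable version of Telerik UI appears to be in use (identified from a version string in the response, not verified by exploitation). This vulnerability allows for an attacker to discover the dialog handler key of Telerik UI for ASP.NET AJAX, which gives access to a file manager, and arbitrary file upload (e.g. web shell) if remote file permissions allow."
            remediation: "It is recommended to upgrade to the latest version of Telerik UI. After upgrading, set new, strong values for Telerik.Web.UI.DialogParametersEncryptionKey and the ASP.NET MachineKey, because keys that were in use while the vulnerable version was deployed should be treated as exposed."
    end if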