![]() Thanks also to Paul Taylor who, after authoring an exploit to break encryption for an unrestricted file upload vulnerability, developed an extended custom payload feature that was instrumental in triggering this deserialization vulnerability. Thanks to Markus Wulftange ( of Code White GmbH for initially discovering this insecure deserialization vulnerability and for summarizing his research. Patching instructions are included at the end of this post. Since Telerik has just responded to this issue by releasing a security advisory for CVE-2019-18935, we're sharing our knowledge about it here in an effort to raise awareness about the severity of this vulnerability, and to encourage affected users to patch and securely configure this software. The Managed Security Services (MSS) team at Bishop Fox has identified and exploited internet-facing instances of Telerik UI affected by this vulnerability for our clients. ![]() It insecurely deserializes JSON objects in a manner that results in arbitrary remote code execution on the software's underlying host. Telerik UI for ASP.NET AJAX is a widely used suite of UI components for web applications. ![]() All code references in this post are also available in the CVE-2019-18935 GitHub repo.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |