Telerik Dialog Handler Detection Scanner
If you are affected by CVE-2017-9248 vulnerability, attackers can exploit your web application.
Short Info
Level
Information
Type
Single Scan
Can be used by
Everyone
Estimated Time
7 sec
Scan only one
Url
Parent Category
Telerik Dialog Handler Detection Scanner Detail
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise.
Attackers can exploit your web application if you are using the old version of the Telerik framework.
Try it yourself,
control security posture
control security posture