Telerik Dialog Handler Detection Scanner

If you are affected by CVE-2017-9248 vulnerability, attackers can exploit your web application.

Short Info

Level

Information

Type

Single Scan

Can be used by

Everyone

Estimated Time

7 sec

Scan only one

Url

Parent Category

Telerik Dialog Handler Detection Scanner Detail

Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise.

Attackers can exploit your web application if you are using the old version of the Telerik framework.

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.

Try it yourself,
control security posture

Get free usage

Learn More About Product