Telerik Dialog Handler Detection Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

7

Telerik Dialog Handler Detection Scanner Detail

If you are affected by CVE-2017-9248 vulnerability, attackers can exploit your web application.

Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise.


Attackers can exploit your web application if you are using the old version of the Telerik framework.

Some Advice for Common Problems

Update your telerik framework to the latest version to eliminate this vulnerability.

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service