POLICY-OTHER --
POLICY-OTHER Progress Telerik UI for ASP.NET AJAX arbitrary file upload attempt
This rule detects an attempt to upload a file to an instance of Telerik UI using ASP.NET AJAX. Multiple vulnerabilities allow for straightforward decryption and encryption of a vulnerable parameter in some versions of Telerik UI, resulting in arbitrary file uploads.
This rule detects an attempt to upload a file to an instance of Telerik UI using ASP.NET AJAX.
No public information
Known false positives, with the described conditions
This policy rule alerts on any asynchronous file upload to Telerik UI, malicious or benign.
Cisco Talos Intelligence Group
No rule groups
N/A
Not Applicable
CVE-2017-11317 |
Loading description
|
CVE-2017-11357 |
Loading description
|
CVE-2019-18935 |
Loading description
|
Tactic: Initial Access
Technique: Exploit Public-Facing Application
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org