Vulnerabilities > CVE-2018-17060 - Unspecified vulnerability in Progress Telerik Extensions for Asp.Net MVC

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
progress
NVD
Published: 2018-10-08
Updated: 2020-08-24

Summary

Telerik Extensions for ASP.NET MVC (all versions) does not whitelist requests, which can allow a remote attacker to access files inside the server's web directory. NOTE: this product has been obsolete since June 2013.

Vulnerable Configurations

Part Description Count
Application
Progress
1

References