Telerik UI for ASP.NET AJAX RadAsyncUpload .NET Deserialization Vulnerability

Critical - Nessus Plugin ID 135970

Synopsis
A web application development suite installed on the remote Windows host is affected by a deserialization vulnerability.

Description
Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. It is exploitable when the encryption keys are known, for example because CVE-2017-11317 or CVE-2017-11357 is present, or by other means. Exploitation can result in remote code execution. (As of 2020.1.114, a default setting prevents the exploit. In 2019.3.1023, but not in earlier versions, a non-default setting can prevent exploitation.)

Solution
Upgrade to Telerik UI for ASP.NET AJAX version R3 2019 SP1 (2019.3.1023) or later, and enable the type whitelisting feature of RadAsyncUpload.

Plugin Details

Severity: Critical

ID: 135970

File Name: telerik_ui_for_aspnet_ajax_CVE-2019-18935.nasl

Version: 1.7

Type: local

Agent: windows

Family: Windows

Published: 4/24/2020

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus Agent

Risk Information

Vulnerability Priority Rating (VPR)
Risk Factor: Critical

Score: 9.8

CVSS v2.0
Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:H/RL:OF/RC:C

CVSS Score Source: CVE-2019-18935

CVSS v3.0
Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:telerik:ui_for_asp.net_ajax

Required KB Items: installed_sw/Telerik UI for ASP.NET AJAX

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/9/2019

Vulnerability Publication Date: 12/9/2019

CISA Known Exploited Dates: 5/3/2022

Reference Information

CVE: CVE-2019-18935

IAVA: 2020-A-0219