Muhannad
Jul 30, 2019Cirrus
An Application ASP.Net vulnerability.
Dear Experts,
I need help in the following issue for one of our clients: it seems that some of the WEB servers are infected with CVE-2017-9248 vulnerability which allow hackers to remote attack and defeat cryptographic protection leading to arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise.
It seems this done via Telerik.Web.UI.WebResource.axd where the attacker where able to comprmise the Website and upload some webshells and files.
I am searching for a way to stop this exploit from ASM with no luck, I would appreciate any support regarding it.
Regards,
Muhannad