PT-2025-21164 · Telerik · Telerik UI for AJAX

Chudypb +1 · Published 2025-05-14 · Updated 2025-11-07 · CVE-2025-3600

CVSS v3.1

7.5

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Progress Telerik UI for AJAX versions 2011.2.712 through 2025.1.218

Description

An unsafe reflection issue exists in Progress Telerik UI for AJAX. This flaw could lead to an unhandled exception, potentially causing a crash of the hosting process and resulting in a denial of service. Reports indicate this issue affects a large number of applications worldwide, with some research suggesting the possibility of remote code execution when combined with other vulnerabilities. The vulnerability stems from insecure reflection practices within the software.

Recommendations

Update to a version of Progress Telerik UI for AJAX later than 2025.1.218.

Fix

RCE

DoS

Resource Exhaustion

Weakness Enumeration

Related Identifiers

CVE-2025-3600

Affected Products

Telerik UI for AJAX