CVE-2024-7575

Improper Neutralization of Special Elements used in a Command ('Command Injection') (CWE-77)

Published: Sep 25, 2024 / Updated: 55d ago

010
CVSS 9.8EPSS 0.04%Critical
CVE info copied to clipboard

Summary

In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements.

Impact

This vulnerability allows for a command injection attack, which can lead to unauthorized execution of commands on the affected system. Given the CVSS score of 9.8 (Critical) and the impact ratings of High for Confidentiality, Integrity, and Availability, this vulnerability can potentially allow an attacker to fully compromise the affected system. The attack vector is network-based, requires no user interaction, and can be executed without any privileges, making it extremely dangerous.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

A patch is available. The vulnerability has been addressed in Telerik UI for WPF version 2024 Q3 (2024.3.924) and later versions.

Mitigation

1. Update Telerik UI for WPF to version 2024.3.924 or later as soon as possible. 2. If immediate updating is not possible, implement strict input validation and sanitization for all user-supplied data, especially in hyperlink elements. 3. Apply the principle of least privilege to limit the potential impact of a successful attack. 4. Monitor systems for unusual activities or commands that could indicate exploitation attempts. 5. Implement network segmentation to limit the spread of potential attacks. 6. Regularly review and update security configurations for all systems using Telerik UI for WPF.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2024-7575

Sep 25, 2024 at 2:15 PM
CVSS

A CVSS base score of 7.8 has been assigned.

Sep 25, 2024 at 2:20 PM / nvd
First Article

Feedly found the first article mentioning CVE-2024-7575. See article

Sep 25, 2024 at 2:22 PM / Vulners.com RSS Feed
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Sep 25, 2024 at 2:22 PM
CVSS

A CVSS base score of 9.8 has been assigned.

Oct 3, 2024 at 1:55 PM / nvd
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (208194)

Oct 4, 2024 at 11:15 PM
Threat Intelligence Report

CVE-2024-7575 is one of four recently reported vulnerabilities in the Progress Telerik UI that could lead to command injection and code execution. The criticality and CVSS score for this specific vulnerability are not provided in the available information, nor are details on exploitation in the wild, proof-of-concept exploits, mitigations, detections, patches, or downstream impacts to other vendors. Further investigation is needed to assess the full scope and implications of CVE-2024-7575. See article

Oct 8, 2024 at 11:16 AM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (380683)

Oct 11, 2024 at 7:53 AM
Static CVE Timeline Graph

Affected Systems

Telerik/ui_for_wpf
+null more

Patches

docs.telerik.com
+null more

Attack Patterns

CAPEC-136: LDAP Injection
+null more

References

Command Injection Vulnerability
In Progress® Telerik® UI for WPF versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements. In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements.

News

Progress Telerik, Cisco, QNAP and Linux Under Attack: Cyble Honeypot Sensors
Cyble’s Vulnerability Intelligence unit has detected cyberattacks on several key IT products and systems, as threat actors have been quick to exploit vulnerabilities and enterprises slow to patch them. Hackers are exploiting critical vulnerabilities in Telerik UI, D-Link routers, QNAP firmware, and Cisco ASA WebVPN.
Progress Telerik, Cisco, QNAP And Linux Under Attack: Cyble
Cyble sensors have detected hackers scanning for the URL “/+CSCOE+/logon.html”, which is related to the Cisco Adaptive Security Appliance (ASA) WebVPN Login Page. Cyble sensors also detected attacks on QNAP QTS firmware, which may contain command injection vulnerabilities that can lead to remote command execution on affected devices.
Progress Telerik, Cisco, QNAP and Linux Under Attack: Cyble Honeypot Sensors
Cyble sensors also detected attacks on QNAP QTS firmware, which may contain command injection vulnerabilities that can lead to remote command execution on affected devices. The Cyble Vulnerability Intelligence unit also detected attacks on Linux systems, including the CoinMiner trojan, which can be installed by other malware or downloaded unknowingly by users visiting malicious sites, and Linux IRCBot attacks, where the IRC connection is exploited as a backdoor, allowing attackers access to a compromised system.
Cyble Honeypot Sensors Detect D-Link, Cisco, QNAP and Linux Attacks
Cyble’s Vulnerability Intelligence unit last week detected numerous exploit attempts, malware intrusions, phishing campaigns, and brute-force attacks via its network of Honeypot sensors. 25-Oct. 1, Cyble researchers identified several recent active exploits, including new attacks against a number of network products and routers, more than 300 new spam email addresses, and thousands of brute-force attacks.
Telerik UI for WPF < 2024.3.924 Multiple Vulnerabilities
Nessus Plugin ID 208194 with Critical Severity Synopsis A web application development suite installed on the remote Windows host is affected by multiple vulnerabilities. Description The version of Progress Telerik UI for WPF installed on the remote Windows host is prior to 2024 Q3 (2024.3.924). It is, therefore, affected by multiple vulnerabilities: - A command injection attack is possible through improper neutralization of hyperlink elements. (CVE-2024-7575) - A code execution attack is possible through an insecure deserialization vulnerability. (CVE-2024-7576, CVE-2024-8316) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. Solution Upgrade to Telerik UI for WPF version 2024.3.924 or later. Read more at https://www.tenable.com/plugins/nessus/208194
See 11 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:None
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI