Exploit.MSIL.CVE-2019-18935

Class Exploit
Platform MSIL
Description

Progress Telerik for ASP.NET AJAX 2019.3.1022 and its earlier versions contain .NET deserialization vulnerability in the RadAsyncUpload function. This vulnerability can be used if the cryptographic keys become known to the attacker due to CVE-2017-11317, CVE-2017-11357, or other vulnerabilities. Exploiting this vulnerability can allow remote code execution.

Top 10 countries with most attacked users (% of total attacks)

  Country Percentage of users*
1 Vietnam 25.41
2 USA 10.27
3 Iran 5.41
4 China 4.86
5 France 4.86
6 India 4.86
7 Colombia 4.32
8 Germany 3.24
9 United Kingdom 3.24
10 Malaysia 2.70

* Percentage of all unique Kaspersky users worldwide who have been attacked by this malware