This is a migrated thread and some comments may be shown as answers.

Blue Mockingbird Vulnerability

AsyncUpload
Julian asked on 18 Jan 2021, 12:45 PM

We upgraded the Telerik control to 2020.3.915.45 after we were hit by the Blue Mockingbird Vulnerability.

However, last weekend, we were hit again by the Blue Mockingbird Vulnerability. An ASPX file that contained this markup was uploaded.

<asp:FileUpload ID="uplDosya" runat="server" />
<br />
<asp:Button ID="bntGonder" runat="server" Text="Submit" OnClick="btnGonder_Click" />

I've double-checked, we do have the latest version and we do only allow JPG as file extension.

Has anyone else been hit by Blue Mockingbird Vulnerability lately?

Vessy
Telerik team
answered on 18 Jan 2021, 05:35 PM

Hi Julian,

We are not aware of any reports by users upgraded to a safe version like 2020.1.114 and later.
Make sure you have scanned your server with an antivirus program since the virus will not go away after upgrading to a safe version of Telerik.Web.UI.

You can also verify if the issue is really fixed by exploiting the Insecure Deserialization issue as demonstrated in the following video:
https://www.youtube.com/watch?v=--6PiuvBGAU

Another option is to use a 3rd party scanner tool like Qualys:
https://www.qualys.com/

Regards,
Vessy
Progress Telerik
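
An added example, not part of either post and not Telerik's own tooling: a PowerShell triage for the situation in this thread. It reports each Telerik.Web.UI.dll against the 2020.1.114 release named in the answer, any non-JPG file in the upload folder, and server-side pages containing a FileUpload control like the one in the question. The site paths and the `New-Finding` helper are assumptions, as is the DLL file version mirroring the release number.

```powershell
# Added example: post-incident triage of an IIS site that uses Telerik.Web.UI.
param(
    [string]$SiteRoot = 'C:\inetpub\wwwroot\MySite',           # assumed path
    [string]$UploadDir = 'C:\inetpub\wwwroot\MySite\Uploads',  # assumed path
    [version]$SafeVersion = '2020.1.114'  # earliest safe release named in the answer
)

# Hypothetical helper: one uniform record per finding.
function New-Finding($Check, $Path, $Detail, $Flag) {
    [pscustomobject]@{ Check = $Check; Path = $Path; Detail = $Detail; Flag = $Flag }
}

# 1. Every copy of Telerik.Web.UI.dll under the site, marked 'outdated' when it
#    is older than $SafeVersion. Assumes the file version mirrors the release number.
Get-ChildItem -Path $SiteRoot -Recurse -File -Filter 'Telerik.Web.UI.dll' -ErrorAction SilentlyContinue |
    ForEach-Object {
        $fv = [System.Diagnostics.FileVersionInfo]::GetVersionInfo($_.FullName)
        $ver = [version]::new($fv.FileMajorPart, $fv.FileMinorPart, $fv.FileBuildPart)
        $flag = if ($ver -lt $SafeVersion) { 'outdated' } else { 'ok' }
        New-Finding 'TelerikVersion' $_.FullName $fv.FileVersion $flag
    }

# 2. Anything in the upload folder that is not a JPG. Only JPG is allowed there,
#    so a script file in this folder did not arrive through the normal upload path.
Get-ChildItem -Path $UploadDir -Recurse -File -ErrorAction SilentlyContinue |
    Where-Object { $_.Extension -notin '.jpg', '.jpeg' } |
    ForEach-Object {
        New-Finding 'UnexpectedUpload' $_.FullName $_.CreationTimeUtc 'suspicious'
    }

# 3. Server-side pages containing a FileUpload control like the one in the question.
#    Legitimate pages can match too, so compare each hit with the deployed source.
Get-ChildItem -Path $SiteRoot -Recurse -File -Include '*.aspx', '*.ashx', '*.ascx' -ErrorAction SilentlyContinue |
    Select-String -Pattern '<asp:FileUpload' -SimpleMatch -List |
    ForEach-Object {
        $created = (Get-Item -LiteralPath $_.Path).CreationTimeUtc
        New-Finding 'FileUploadMarkup' $_.Path $created 'review'
    }
```

The script only reads the file system; pipe its output to `Format-Table -AutoSize` or `Export-Csv` to keep a record for the incident.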

