Blue Mockingbird Vulnerability

2 posts, 0 answers
  1. Julian
    12 posts
    Member since:
    Dec 2011

    Posted 18 Jan

    We upgraded the Telerik control to 2020.3.915.45 after we were hit by the Blue Mockingbird Vulnerability.

    However, last weekend, we were hit again by the Blue Mockingbird Vulnerability. An ASPX file that contained this markup was uploaded.

    <asp:FileUpload ID="uplDosya" runat="server" />
    <br />
    <asp:Button ID="bntGonder" runat="server" Text="Submit" OnClick="btnGonder_Click" />

    I've double-checked, we do have the latest version and we do only allow JPG as a file extension.

    Has anyone else been hit by the Blue Mockingbird Vulnerability lately?

  2. Vessy
    Admin
    2369 posts

    Posted 18 Jan

    Hi Julian,

    We are not aware of any reports by users upgraded to a safe version like 2020.1.114 and later.
    Make sure you have scanned your server with an antivirus program since the virus will not go away after upgrading to a safe version of Telerik.Web.UI.

    You can also verify if the issue is really fixed by exploiting the Insecure Deserialization issue as demonstrated in the following video:
    https://www.youtube.com/watch?v=--6PiuvBGAU

    Another option is to use a 3rd party scanner tool like Qualys:
    https://www.qualys.com/

    Regards,
    Vessy
    Progress Telerik
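
Added example (not part of either post and not Telerik code): the reply notes that what was dropped during the compromise stays on the server after the upgrade, so this Python example lists executable ASP.NET pages under a web root that a deployment manifest does not account for, and tags those carrying the upload-form markup quoted in the first post. The manifest format and the names `sweep` and `demo` are assumptions of this example.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Extensions ASP.NET will compile and execute when requested.
EXECUTABLE_EXTS = {".aspx", ".ashx", ".asmx", ".ascx"}
# Markup of the dropped page quoted in the thread: upload control + submit button.
UPLOAD_CONTROL = re.compile(rb"<asp:FileUpload\b", re.IGNORECASE)
CLICK_BUTTON = re.compile(rb"<asp:Button\b[^>]*\bOnClick\s*=", re.IGNORECASE)


def sweep(web_root, manifest):
    """Return executable pages the manifest (rel path -> SHA-256) does not account for."""
    # Manifest format is an assumption; paths are compared case-insensitively, as IIS does.
    known = {rel.lower(): digest for rel, digest in manifest.items()}
    root = Path(web_root)
    findings = []
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in EXECUTABLE_EXTS:
            continue  # e.g. the JPG uploads the site is supposed to accept
        rel = path.relative_to(root).as_posix()
        data = path.read_bytes()
        expected = known.get(rel.lower())
        if expected == hashlib.sha256(data).hexdigest():
            continue  # deployed file, unmodified
        reasons = ["not in manifest" if expected is None else "hash mismatch"]
        if UPLOAD_CONTROL.search(data) and CLICK_BUTTON.search(data):
            reasons.append("upload form markup")
        findings.append((rel, reasons))
    return findings


def demo():
    """Sweep a constructed web root; the dropped page reuses the markup quoted in the thread."""
    legit = b'<%@ Page Language="C#" %><h1>Home</h1>'
    dropped = (b'<asp:FileUpload ID="uplDosya" runat="server" />\n<br />\n<asp:Button '
               b'ID="bntGonder" runat="server" Text="Submit" OnClick="btnGonder_Click" />')
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "images").mkdir()
        (root / "Default.aspx").write_bytes(legit)
        (root / "images" / "photo.jpg").write_bytes(b"\xff\xd8\xff\xe0")
        (root / "images" / "up.aspx").write_bytes(dropped)
        return sweep(root, {"default.aspx": hashlib.sha256(legit).hexdigest()})


if __name__ == "__main__":
    print(demo())
```

An executable page inside a folder that should only hold JPG uploads is the case worth investigating first, whatever its content.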
