Plattform
dotnet
Komponente
progress-telerik-ui-for-winforms
Behoben in
2025 Q1 (2025.1.211)
CVE-2025-0332 describes a Path Traversal vulnerability discovered in Progress® Telerik® UI for WinForms. This flaw allows an attacker to potentially decompress archive contents into a restricted directory, leading to unauthorized access or code execution. The vulnerability affects versions prior to 2025 Q1 (2025.1.211), and a fix is available in version 2025.1.211.
The core of this vulnerability lies in the improper limitation of a target path when decompressing archives within Telerik UI for WinForms. An attacker could craft a malicious archive designed to exploit this weakness. By manipulating the path, they can force the application to extract files into directories where it shouldn't have write access. This could allow them to overwrite critical system files, inject malicious code, or gain control of the affected system. The potential impact extends beyond simple file access; successful exploitation could lead to complete system compromise, data exfiltration, and denial of service.
CVE-2025-0332 was publicly disclosed on February 12, 2025. There is currently no indication of active exploitation or a KEV listing. Public proof-of-concept code is not yet available, but the vulnerability's nature suggests it could be relatively easy to exploit once a PoC is released. Monitor security advisories and threat intelligence feeds for any signs of exploitation.
Applications utilizing Telerik UI for WinForms to process user-uploaded files or handle external data streams are particularly at risk. Legacy applications using older versions of the framework and those with inadequate input validation routines are also more vulnerable. Shared hosting environments where multiple applications share the same file system could experience broader impact if one application is compromised.
• dotnet / windows: Use Process Monitor to observe file system activity when Telerik UI for WinForms is processing archives. Look for attempts to extract files into unexpected or restricted directories.
Get-Process | Where-Object {$_.ProcessName -like '*Telerik*'} | Get-Process -IncludeChildren• dotnet / windows: Examine application event logs for errors related to file extraction or access denied errors when attempting to write to restricted directories. • dotnet / windows: Review Telerik UI for WinForms configuration files for any custom settings related to archive processing or file system paths. Look for any misconfigurations that could contribute to the vulnerability.
disclosure
Exploit-Status
EPSS
0.19% (41% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2025-0332 is to upgrade to Telerik UI for WinForms version 2025.1.211 or later. If immediate upgrading is not feasible, consider implementing stricter file system permissions to limit write access to sensitive directories. Additionally, input validation and sanitization should be implemented to prevent attackers from manipulating the target path. While a WAF is unlikely to directly mitigate this vulnerability, it could potentially block malicious archive uploads. After upgrading, verify the fix by attempting to decompress a specially crafted archive with a manipulated path and confirming that the extraction fails with an appropriate error.
Actualice a la versión 2025 Q1 (2025.1.211) o posterior de Telerik UI for WinForms. Esto corregirá la vulnerabilidad de path traversal al descomprimir archivos. Descargue la versión más reciente desde el sitio web de Progress Software.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2025-0332 is a Path Traversal vulnerability affecting Telerik UI for WinForms, allowing attackers to decompress archives into restricted directories, potentially leading to code execution.
You are affected if you are using Telerik UI for WinForms versions prior to 2025.1.211. Check your version and upgrade accordingly.
Upgrade to version 2025.1.211 or later to resolve the vulnerability. Implement input validation as a temporary workaround if upgrading is not immediately possible.
Active exploitation campaigns are not currently confirmed, but the vulnerability's high severity and public disclosure increase the risk of future attacks.
Refer to the Progress® Telerik® Security Advisory for detailed information and updates: [https://www.telerik.com/security/advisories/CVE-2025-0332](https://www.telerik.com/security/advisories/CVE-2025-0332)
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine packages.lock.json-Datei hoch und wir sagen dir sofort, ob du betroffen bist.