Progress UI for WinForms 解压缩路径遍历漏洞

该路径遍历漏洞允许攻击者绕过正常的目录访问控制，将文件写入到他们通常没有写入权限的目录。攻击者可以利用此漏洞上传恶意文件，例如包含恶意脚本的压缩文件，并在受限目录中执行这些脚本。这可能导致敏感数据泄露，例如数据库凭据、配置文件或源代码。更严重的后果包括攻击者完全控制受影响的系统，并进行进一步的攻击活动。由于该漏洞涉及文件解压，攻击者可能能够利用它来执行远程代码，尽管这需要进一步的漏洞利用链。

Applications utilizing Telerik UI for WinForms to process user-uploaded files or handle external data streams are particularly at risk. Legacy applications using older versions of the framework and those with inadequate input validation routines are also more vulnerable. Shared hosting environments where multiple applications share the same file system could experience broader impact if one application is compromised.

• dotnet / windows: Use Process Monitor to observe file system activity when Telerik UI for WinForms is processing archives. Look for attempts to extract files into unexpected or restricted directories.

Get-Process | Where-Object {$_.ProcessName -like '*Telerik*'} | Get-Process -IncludeChildren

• dotnet / windows: Examine application event logs for errors related to file extraction or access denied errors when attempting to write to restricted directories. • dotnet / windows: Review Telerik UI for WinForms configuration files for any custom settings related to archive processing or file system paths. Look for any misconfigurations that could contribute to the vulnerability.

1. 2025-02-12Disclosure

   disclosure

1. 已保留2025-01-08
2. 发布日期2025-02-12
3. EPSS 更新日期2026-04-02

最有效的缓解措施是立即升级到 Progress® Telerik® UI for WinForms 2025.1.211 或更高版本。如果无法立即升级，可以考虑以下临时缓解措施：限制对 Telerik UI for WinForms 组件的访问，并实施严格的输入验证，以防止攻击者上传恶意文件。监控系统日志，查找任何异常的文件访问或解压活动。如果可能，配置 Web 应用程序防火墙 (WAF) 以阻止已知的攻击模式。升级后，请验证组件是否已成功更新，并确认漏洞已得到修复。