File Export Vulnerability in Progress Telerik Document Processing Libraries
CVE-2024-11629

6.5MEDIUM

Key Information:

Vendor
CVE Published:
12 February 2025

Summary

The Progress Telerik Document Processing Libraries before version 2025 Q1 (2025.1.205) contain a vulnerability that allows unauthorized file content export to RTF format from an arbitrary file path. This issue poses a significant risk as it can potentially expose sensitive data to unauthorized users. Organizations utilizing these libraries need to update to the latest version to mitigate these risks and secure their document processing capabilities.

Affected Version(s)

Progress® Telerik® Document Processing Libraries .NET Standard 2.0 1.0.0 < 2025.1.205

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.