CVE-2025-3600

Summary

In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service.

Affected Software

VendorProductVersion RangeStatus
Progress SoftwareTelerik UI for ASP.NET AJAX2011.2.712 < 2025.1.416affected

Weaknesses

  • Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References