cbcvebase.
CVE-2025-3600
published 2025-05-14

CVE-2025-3600: In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception…

PriorityP349high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
19.06%
97.0th percentile
In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service.

Affected

3 ranges
VendorProductVersion rangeFixed in
msrcazl3_mozjs_102.15.1-1_on_azure_linux_3.0
progresstelerik_ui_for_asp.net_ajax2011.2712 – 2025.1.218
progress_softwaretelerik_ui_for_asp.net_ajax>= 2011.2.712 < 2025.1.4162025.1.416

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.