Progress Telerik Document Processing Libraries Path Traversal Vulnerability Allowing Arbitrary File System Access
Vulnerability
A path traversal vulnerability has been identified in Progress Telerik Document Processing Libraries, affecting versions prior to 2025 Q1 (2025.1.205). Target paths are not properly limited during decompression, so archive contents can be written into restricted directories, potentially resulting in arbitrary file system access.
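The target-path check this class of bug lacks is sketched below for application code that unpacks untrusted archives. It is an added example, not Telerik's code or its fix: it uses the .NET base library's System.IO.Compression instead of the Telerik zip API, and the SafeUnzip class, its method names and the sample archive are constructed for illustration.

```csharp
using System;
using System.IO;
using System.IO.Compression;

static class SafeUnzip   // hypothetical helper, not part of any Telerik API
{
    // Resolve an entry name under destRoot; throw if the canonical path leaves destRoot.
    public static string ResolveInside(string destRoot, string entryName)
    {
        string root = Path.GetFullPath(destRoot);
        if (!root.EndsWith(Path.DirectorySeparatorChar.ToString()))
            root += Path.DirectorySeparatorChar;   // so "/out" never matches "/out-other"
        // GetFullPath collapses ".." segments; an absolute entryName replaces root entirely.
        string target = Path.GetFullPath(Path.Combine(root, entryName));
        if (!target.StartsWith(root, StringComparison.Ordinal))
            throw new InvalidDataException($"Entry escapes target directory: {entryName}");
        return target;
    }

    public static void Extract(Stream zipStream, string destRoot)
    {
        using var archive = new ZipArchive(zipStream, ZipArchiveMode.Read);
        // Pass 1: validate every name first, so a bad archive leaves no partial output.
        foreach (ZipArchiveEntry e in archive.Entries) ResolveInside(destRoot, e.FullName);
        // Pass 2: write the files.
        foreach (ZipArchiveEntry e in archive.Entries)
        {
            string target = ResolveInside(destRoot, e.FullName);
            if (e.FullName.EndsWith("/")) { Directory.CreateDirectory(target); continue; }
            Directory.CreateDirectory(Path.GetDirectoryName(target)!);
            e.ExtractToFile(target, overwrite: false);
        }
    }

    static void Main()
    {
        // Constructed sample archive: one ordinary entry, one with a traversal name.
        var ms = new MemoryStream();
        using (var zip = new ZipArchive(ms, ZipArchiveMode.Create, leaveOpen: true))
        {
            using (var w = new StreamWriter(zip.CreateEntry("docs/report.txt").Open())) w.Write("ok");
            using (var w = new StreamWriter(zip.CreateEntry("../outside.txt").Open())) w.Write("x");
        }
        ms.Position = 0;
        string dest = Path.Combine(Path.GetTempPath(), "unzip-demo-" + Guid.NewGuid().ToString("N"));
        try { Extract(ms, dest); }
        catch (InvalidDataException ex) { Console.WriteLine("Rejected: " + ex.Message); }
        Console.WriteLine("Anything written: " + Directory.Exists(dest));
    }
}
```

The comparison is made on the canonicalized path with a trailing separator on the root, which is what stops both `..` segments and sibling directories that merely share a name prefix.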
Impact
Exploitation of this vulnerability could result in unauthorized access to the file system, allowing for potential manipulation or disclosure of files in restricted directories.
Remediation
Users are advised to upgrade to Progress Telerik Document Processing Libraries version 2025 Q1 (2025.1.2xx). Instructions for updating can be found in the Telerik Document Processing Upgrade Instructions. Customers with a Telerik license can access the latest version through the Telerik Product Downloads page.
