CVE-2019-18935

Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context of the w3wp.exe process. Vendor/Product: Progress Telerik UI for ASP.NET AJAX. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.