Telerik UI Vulnerability Allows Disk Space Exhaustion Attacks

The National Vulnerability Database has published a critical vulnerability, CVE-2026-6022, in Infragistics Telerik UI for AJAX affecting versions prior to 2026.1.421. The flaw is a missing cumulative size check during file upload reassembly in the RadAsyncUpload component: because the reassembled total is never validated, an attacker can submit uploads that exceed the configured limits and exhaust disk space on the target server.

The CVSS score of 7.5 highlights the high severity of this flaw. The vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H indicates it’s exploitable over the network with no authentication or user interaction required, and the primary impact is on availability (disk space).

Defenders must prioritize patching or updating their Telerik UI for AJAX installations. For organizations unable to patch immediately, implementing strict file upload size validation at the application layer and robust monitoring for unusual disk space consumption are critical mitigation steps.
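As an added illustration of the flaw class the advisory describes (not Telerik's code; the limits and sample chunks are constructed values), the following Python reassembler shows an upload handler that bounds only each individual chunk beside one that also enforces the cumulative reassembled size, which is the application-layer validation recommended above:

```python
"""Chunked-upload reassembly with and without a cumulative size check.
Added illustration (not Telerik's code); all limits and inputs are constructed.
"""
from dataclasses import dataclass

MAX_FILE_BYTES = 4096    # configured upload limit (constructed)
MAX_CHUNK_BYTES = 1024   # per-chunk limit (constructed)


@dataclass
class UploadSession:
    """Server-side state for one in-progress upload."""
    received: int = 0    # bytes persisted so far
    rejected: str = ""   # reason, once the upload has been refused


def accept_chunk(session: UploadSession, chunk: bytes, *, cumulative_check: bool) -> bool:
    """Validate one chunk before it would be appended to the temp file.

    cumulative_check=False mirrors the flaw: only the chunk's own size is
    bounded, so many in-limit chunks reassemble far past MAX_FILE_BYTES.
    cumulative_check=True enforces the running total of bytes actually
    received (never a client-declared size) against the configured limit.
    """
    if session.rejected:
        return False
    if len(chunk) > MAX_CHUNK_BYTES:
        session.rejected = "chunk exceeds per-chunk limit"
        return False
    if cumulative_check and session.received + len(chunk) > MAX_FILE_BYTES:
        session.rejected = "reassembled size exceeds configured limit"
        return False
    session.received += len(chunk)   # the chunk would be written to disk here
    return True


def reassemble(chunks, *, cumulative_check: bool) -> UploadSession:
    """Feed chunks through accept_chunk, stopping at the first rejection."""
    session = UploadSession()
    for chunk in chunks:
        if not accept_chunk(session, chunk, cumulative_check=cumulative_check):
            break
    return session


if __name__ == "__main__":
    sample = [b"A" * 1024] * 16   # 16 in-limit chunks, 4x the file limit
    for mode in (False, True):
        s = reassemble(sample, cumulative_check=mode)
        print(f"cumulative_check={mode}: {s.received} bytes accepted {s.rejected!r}")
```

With the cumulative check off, all 16 KiB land on disk despite a 4 KiB limit; with it on, the handler stops at exactly the configured limit, which is also the condition worth alerting on when it fires repeatedly from one source.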

What This Means For You

  • If your organization uses Infragistics Telerik UI for AJAX, immediately investigate versions prior to 2026.1.421. Apply the available patches or upgrade to the fixed version to prevent disk space exhaustion attacks.

Related ATT&CK Techniques

T1499 (Impact tactic), severity: high

🛡️ Detection Rules

CVE-2026-6022 - Telerik UI RadAsyncUpload Chunk Reassembly Disk Exhaustion (Sigma rule, mapped to T1499)

Indicators of Compromise

ID: CVE-2026-6022 · Type: Vulnerability · Indicator: CVE-2026-6022

Source & Attribution

Source Platform: NVD
Channel: National Vulnerability Database
Published: April 22, 2026 at 11:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
