Forums before death by AOL, social media and spammers... "We can't have nice things"
|    alt.conspiracy.jfk    |    Discussing the assassination of JFK    |    99,700 messages    |
|    Message 98,559 of 99,700    |
|    Corrin Paire to All    |
|    Telerik Kendo UI R2 2017 SP1 Professiona    |
|    05 Dec 23 13:33:09    |
      From: corrinpaire2@gmail.com

      Until R2 2017 SP1 (v2017.2.621), RadAsyncUpload's AsyncUploadHandler was configured with a hard-coded key that was used to encrypt form data in file upload requests. If this encryption key was not changed from its default value of PrivateKeyForEncryptionOfRadAsyncUploadConfiguration, an attacker could use that key to craft a file upload request to /Telerik.Web.Ui.WebResource.axd?type=rau with a custom encrypted rauPostData POST parameter. If an attacker specified an arbitrary value for the TempTargetFolder variable within the encrypted rauPostData POST parameter, it would effectively allow file uploads to any directory where the web server had write permissions. Please refer to straightblast's write-up for a detailed breakdown of rauPostData's structure (and of this vulnerability in general), and Telerik's security advisory for how this vulnerability was remediated.

      Telerik Kendo UI R2 2017 SP1 Professional v2017.2.621
      DOWNLOAD https://1riacaomonsshi.blogspot.com/?wr=2wIyno

      --- SoupGate-Win32 v1.05
       * Origin: you cannot sedate... all the things you hate (1:229/2)    |
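A defender's check for the condition the post describes, added here as an example and not part of the original post or of Telerik's code: it audits a web.config for the RadAsyncUpload encryption key and flags a missing or default value. The appSettings name Telerik.AsyncUpload.ConfigurationEncryptionKey is the vendor's override setting; the 32-character minimum, the function names and the sample file are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Default key value quoted in the post above.
DEFAULT_KEY = "PrivateKeyForEncryptionOfRadAsyncUploadConfiguration"
# appSettings entry that replaces the default key in Telerik UI for ASP.NET AJAX.
KEY_SETTING = "Telerik.AsyncUpload.ConfigurationEncryptionKey"
MIN_KEY_LENGTH = 32  # assumption: local policy threshold, not a vendor requirement

# Constructed sample, not taken from any real site.
SAMPLE_WEB_CONFIG = """<?xml version="1.0"?>
<configuration>
  <appSettings>
    <add key="Telerik.AsyncUpload.ConfigurationEncryptionKey"
         value="PrivateKeyForEncryptionOfRadAsyncUploadConfiguration" />
  </appSettings>
</configuration>"""


def _local(tag):
    """Strip an XML namespace prefix such as '{uri}appSettings'."""
    return tag.rsplit("}", 1)[-1]


def audit_web_config(xml_text):
    """Return (status, detail); status is ok, weak, default, missing or error."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return ("error", f"not well-formed XML: {exc}")
    # Collect every matching <add> under any appSettings (including <location> blocks).
    values = [
        add.get("value", "")
        for section in root.iter() if _local(section.tag) == "appSettings"
        for add in section
        if _local(add.tag) == "add"
        and (add.get("key") or "").lower() == KEY_SETTING.lower()
    ]
    if not values:
        return ("missing", "no explicit key; affected versions fall back to the default")
    if any(v == DEFAULT_KEY for v in values):
        return ("default", "key is the published default and must be replaced")
    if any(len(v) < MIN_KEY_LENGTH for v in values):
        return ("weak", f"key is shorter than {MIN_KEY_LENGTH} characters")
    return ("ok", "a non-default key is configured")


if __name__ == "__main__":
    print(audit_web_config(SAMPLE_WEB_CONFIG))
```

A "missing" or "default" result matters only on the versions the post names; the remediation itself is covered by the vendor advisory the post refers to.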
(c) 1994, bbs@darkrealms.ca