Hi Carlos,

Thank you for reaching out.

Please note that this is a public post, and for security reasons, we cannot provide here the installation files, including the Telerik_UI_for_ASP.NET_AJAX_2020_1_114_Dev_hotfix.zip archive.

To obtain the hotfix, you will need to open a private support ticket through your Telerik account. Opening a support ticket requires a valid Telerik UI for ASP.NET AJAX or DevCraft license (either paid or trial).

While you are currently addressing CVE-2019-18935, I want to highlight a new high-severity vulnerability - CVE-2025-3600, disclosed in May 2025, which affects all Telerik UI for ASP.NET AJAX versions from 2011.2.712 up to and including 2025.1.218 (Q1 SP1). This is a high-severity unsafe reflection vulnerability that impacts the AJAX suite.

To fully mitigate this newer threat, we strongly recommend upgrading to 2025.1.416 (Q1 SP2) or, preferably, to the latest version 2025.2.609.

Version 2025.2.609 includes fixes for all known vulnerabilities, along with significant improvements in security, performance, browser compatibility, and access to the newest features and controls. Please note that this is a paid version, and upgrading beyond 2020.1.114 would require an active license.

Further information about CVE-2025-3600 is available here:
CVE-2025-3600 Knowledge Base

Let us know if you have any further questions.

Regards,
Rumen
Progress Telerik