CVE-2017-9822

CVSS 8.8 HIGH | EPSS 94.8% | KEV | CWE-94
In short

DNN (DotNetNuke) versions before 9.1.1 allow attackers to execute arbitrary code on the server through a specially crafted cookie. This is a critical flaw because it gives attackers full control over the website and its data without needing valid credentials.

Technical detail

DNN before 9.1.1 is vulnerable to remote code execution via unsafe deserialization of cookie data (CWE-94). An unauthenticated attacker can craft a malicious cookie that, when processed by the application, executes arbitrary code with the privileges of the web process. This requires network access to the vulnerable application but no prior authentication.

Summary generated and translated by AI from the official description.
DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.