6 matches found
MTN Group: CVE-2017-9822 DotNetNuke Cookie Deserialization Remote Code Execution (RCE) on lonidoor.mtn.ci
The DotNetNuke DNN versions between 5.0.0 and 9.3.0 were affected by a deserialization vulnerability that could lead to remote code execution. The vulnerability was caused by the way DNN handled the DNNPersonalization cookie, which was used to store anonymous users' personalization options. The...
DotNetNuke - Cookie Deserialization Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' require 'openssl' require 'set' class MetasploitModule activetimeout payload handler is normally set up and started here but has be...
DotNetNuke Cookie Deserialization Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' require 'openssl' require 'set' class MetasploitModule activetimeout payload handler is normally set up and started here but has be...
CVE-2017-9822
creationtimestamp| type| source ---|---|--- 2020-04-02 15:06:54+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/dnncookiedeserializationrce.rb 2020-04-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48336 2020-10-09...
CVE-2017-9822
DNN aka DotNetNuke before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 Critical Possible remote code execution on DNN sites."...
CVE-2017-9822
DotNetNuke (DNN) cookie deserialization RCE (CVE-2017-9822) affects DNN before 9.1.1. The vulnerability arises from deserializing a crafted DNNPersonalization-like cookie, enabling remote code execution. Exploitation details and public proof points are documented in exploit references (e.g., Meta...