Lucene search
K

6 matches found

Hacker One
Hacker One
added 2024/10/06 2:25 p.m.28 views

MTN Group: CVE-2017-9822 DotNetNuke Cookie Deserialization Remote Code Execution (RCE) on lonidoor.mtn.ci

The DotNetNuke DNN versions between 5.0.0 and 9.3.0 were affected by a deserialization vulnerability that could lead to remote code execution. The vulnerability was caused by the way DNN handled the DNNPersonalization cookie, which was used to store anonymous users' personalization options. The...

8.8CVSS7.4AI score0.94789EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/04/16 12:0 a.m.238 views

DotNetNuke - Cookie Deserialization Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' require 'openssl' require 'set' class MetasploitModule activetimeout payload handler is normally set up and started here but has be...

7.7AI score
Exploits0
Packet Storm
Packet Storm
added 2020/04/03 12:0 a.m.325 views

DotNetNuke Cookie Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' require 'openssl' require 'set' class MetasploitModule activetimeout payload handler is normally set up and started here but has be...

6.5CVSS0.5AI score0.94789EPSS
Exploits10
Circl
Circl
added 2020/04/02 3:6 p.m.15 views

CVE-2017-9822

creationtimestamp| type| source ---|---|--- 2020-04-02 15:06:54+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/dnncookiedeserializationrce.rb 2020-04-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48336 2020-10-09...

8.8CVSS7.3AI score0.94789EPSS
Exploits6References7
Vulnrichment
Vulnrichment
added 2017/07/20 12:0 p.m.19 views

CVE-2017-9822

DNN aka DotNetNuke before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 Critical Possible remote code execution on DNN sites."...

8.2AI score0.94789EPSS
Exploits6References3
CVE
CVE
added 2017/07/20 12:0 p.m.1232 views

CVE-2017-9822

DotNetNuke (DNN) cookie deserialization RCE (CVE-2017-9822) affects DNN before 9.1.1. The vulnerability arises from deserializing a crafted DNNPersonalization-like cookie, enabling remote code execution. Exploitation details and public proof points are documented in exploit references (e.g., Meta...

8.8CVSS8.9AI score0.94789EPSS
In wildExploits6References4Affected Software1
Rows per page
Query Builder