EDB-48336
remotewindowsVERIFIED
DotNetNuke - Cookie Deserialization Remote Code Execution (Metasploit)
CVE-2018-18326CVE-2018-18325CVE-2018-15812+2 more
Metasploit4/16/2020
CVE-2018-15812
7.5HIGHDNN (aka DotNetNuke) 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy.
게시됨: 7/3/2019업데이트됨: 11/21/2024
설명
DNN (aka DotNetNuke) 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy.
AI 분석AI 기반
영향받는 제품
dnnsoftwaredotnetnuke
사용 가능한 익스플로잇 (1)
참조
- http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.htmlExploitThird Party AdvisoryVDB Entry
- https://github.com/dnnsoftware/Dnn.Platform/releasesRelease Notes
- https://www.dnnsoftware.com/community/security/security-centerVendor Advisory
- http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.htmlExploitThird Party AdvisoryVDB Entry
- https://github.com/dnnsoftware/Dnn.Platform/releasesRelease Notes
- https://www.dnnsoftware.com/community/security/security-centerVendor Advisory