EDB-48336
remotewindowsVERIFIED
DotNetNuke - Cookie Deserialization Remote Code Execution (Metasploit)
CVE-2018-18326CVE-2018-18325CVE-2018-15812+2 more
Metasploit4/16/2020
CVE-2018-15812
7.5HIGHDNN (aka DotNetNuke) 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy.
Опубликовано: 7/3/2019Обновлено: 11/21/2024
Описание
DNN (aka DotNetNuke) 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy.
ИИ-АнализНа базе ИИ
Затронутые продукты
dnnsoftwaredotnetnuke
Доступные эксплойты (1)
Ссылки
- http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.htmlExploitThird Party AdvisoryVDB Entry
- https://github.com/dnnsoftware/Dnn.Platform/releasesRelease Notes
- https://www.dnnsoftware.com/community/security/security-centerVendor Advisory
- http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.htmlExploitThird Party AdvisoryVDB Entry
- https://github.com/dnnsoftware/Dnn.Platform/releasesRelease Notes
- https://www.dnnsoftware.com/community/security/security-centerVendor Advisory