CVE-2017-9822 PoC — DotNetNuke 输入验证错误漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2017/CVE-2017-9822.yaml

Associated Vulnerability

Title:DotNetNuke 输入验证错误漏洞 (CVE-2017-9822)
Description:DNN（又名DotNetNuke）是美国DNN公司的一套由微软支持、基于ASP.NET平台的开源内容管理系统（CMS）。该系统具有易于安装、可扩展、功能丰富等特点。 DotNetNuke 9.1.1之前版本中存在输入验证错误漏洞。远程攻击者可利用该漏洞执行代码。

Description

DotNetNuke (DNN) versions between 5.0.0 - 9.3.0 are affected by a deserialization vulnerability that leads to remote code execution.

File Snapshot


 id: CVE-2017-9822

info:
  name: DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execu

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!