CVE-2017-9822: DNN (aka DotNetNuke) has Remote Code Execution via a cookie
CVSS Score: 8.8 (CVSS 3.1)
Basic Information
CVE ID
GHSA ID
EPSS Score: 0.99948%
CWE
Published: 10/16/2018
Updated: 1/9/2023
KEV Status: Yes
Technology: C#
Technical Details
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
DotNetNuke.Core | nuget | < 9.1.1 | 9.1.1 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability involves remote code execution via cookie deserialization (CWE-20). Analysis focused on DNN's authentication flow and serialization patterns:
- Cookie handling functions are primary suspects given the attack vector
- The '2017-08' bulletin explicitly mentions cookie decoding leading to impersonation/RCE
- .NET deserialization vulnerabilities commonly involve XmlSerializer or BinaryFormatter
- DNN's XML utilities and authentication controllers are logical locations for cookie processing

While the exact patch isn't available, the functions identified represent the most probable locations based on vulnerability type, .NET patterns, and DNN architecture. Confidence is medium due to reliance on vulnerability descriptions rather than direct code analysis.