CVE-2025-52487

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-52487

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-52487.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-52487

Aliases

GHSA-fjhg-3mrh-mm7h

Published

2025-06-21T03:15:24Z

Modified

2025-06-27T11:02:49.877389Z

Summary

[none]

Details

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. In versions 7.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted request or proxy to be created that could bypass the design of DNN Login IP Filters allowing login attempts from IP Addresses not in the allow list. This issue has been patched in version 10.0.1.

References

https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-fjhg-3mrh-mm7h

Affected packages

Git / github.com/dnnsoftware/dnn.platform

Affected ranges

Type: GIT
Repo: https://github.com/dnnsoftware/dnn.platform
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

300e960c710daf4502e99783e5e0c04516af213b

Affected versions

10.*

10.0.0-rc3

v10.*

v10.0.0

v10.0.0-rc1

v10.0.0-rc2

v10.0.1-rc1

v10.0.1-rc2

v10.0.1-rc3

v7.*

v7.2.1.367-stable

v7.3.2.109-stable

v9.*

v9.1.0

v9.10.0

v9.10.0-rc1

v9.10.0-rc2

v9.10.1

v9.10.1-rc1

v9.10.2

v9.10.2-rc1

v9.11.0

v9.11.0-rc1

v9.11.0-rc2

v9.11.0-rc3

v9.11.0-rc4

v9.11.0-rc5

v9.11.0-rc6

v9.11.0-rc7

v9.11.1

v9.11.1-rc1

v9.11.1-rc2

v9.11.1-rc3

v9.11.2

v9.11.2-rc1

v9.12.0

v9.12.0-rc1

v9.13.0

v9.13.0-rc1

v9.13.0-rc2

v9.13.0-rc3

v9.13.1

v9.13.1-rc1

v9.13.2

v9.13.2-rc1

v9.13.3

v9.13.3-rc1

v9.13.4

v9.13.4-rc1

v9.13.5

v9.13.5-rc1

v9.13.6

v9.13.6-rc1

v9.13.7

v9.13.7-rc1

v9.13.8

v9.13.8-rc1

v9.13.9

v9.13.9-rc1

v9.2.0

v9.2.1

v9.2.1-rc0

v9.2.1-rc1

v9.2.2

v9.2.2-rc0

v9.2.2-rc1

v9.2.2-rc2

v9.2.2-rc3

v9.3.0

v9.3.0-rc0

v9.3.0-rc1

v9.3.0-rc2

v9.3.1

v9.3.1-rc0

v9.3.2

v9.3.2-rc0

v9.4.0

v9.4.0-rc0

v9.4.0-rc1

v9.4.1

v9.4.1-rc1

v9.4.2

v9.4.2-rc1

v9.4.3

v9.4.3-rc1

v9.4.4

v9.4.4-rc1

v9.5.0

v9.5.0-rc1

v9.5.0-rc2

v9.5.1-rc1

v9.6.0

v9.6.0-rc1

v9.6.0-rc2

v9.6.0-rc3

v9.6.1

v9.6.1-rc1

v9.6.2

v9.6.2-rc1

v9.6.2-rc2

v9.6.2-rc3

v9.7.0

v9.7.0-rc1

v9.7.0-rc2

v9.7.1

v9.7.1-rc1

v9.7.2

v9.7.2-rc1

v9.8.0

v9.8.0-rc1

v9.8.0-rc2

v9.8.1

v9.8.1-rc1

v9.9.0

v9.9.0-rc1

v9.9.0-rc2

v9.9.1

v9.9.1-rc1