CVE-2017-9822: Improper Input Validation

July 20, 2017 (updated April 3, 2020)

DNN (aka DotNetNuke) has Remote Code Execution via a cookie, aka “2017-08 (Critical) Possible remote code execution on DNN sites.”

References

packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.html
www.dnnsoftware.com/community/security/security-center
www.securityfocus.com/bid/102213
nvd.nist.gov/vuln/detail/CVE-2017-9822

Code Behaviors & Features

Detect and mitigate CVE-2017-9822 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →