DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted series of malicious interaction to potentially expose NTLM hashes to a third party SMB server. This issue has been patched in version 10.0.1.
References
Configurations
No configuration.
History
23 Jun 2025, 20:16
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
21 Jun 2025, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-21 03:15
Updated : 2025-06-23 20:16
NVD link : CVE-2025-52488
Mitre link : CVE-2025-52488
CVE.ORG link : CVE-2025-52488
JSON object : View
Products Affected
No product.
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor