CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 23:27:33 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
b0e96c877abb080d7cf221c036336480ff266ccf
CVEs-PoC/2017/CVE-2017-9822.md
T
0xMarcio 48a00929ac Removed duplicates
2024-06-18 02:51:15 +02:00

48 lines
2.2 KiB
Markdown
Raw Blame History

### [CVE-2017-9822](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9822)
![](https://img.shields.io/static/v1?label=Product&message=DotNetNuke%20CMS%20Fixed%20in%209.1.1&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution%20via%20untrusted%20deserialization%20of%20Xml%20data&color=brighgreen)
### Description
DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."
### POC
#### Reference
- http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.html
- http://www.dnnsoftware.com/community/security/security-center
#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/BLACKHAT-SSG/OSWE-Preparation-
- https://github.com/Jean-Francois-C/Windows-Penetration-Testing
- https://github.com/MdTauheedAlam/AWAE-OSWE-Notes
- https://github.com/NHPT/ysoserial.net
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/PwnAwan/OSWE-Preparation-
- https://github.com/R0B1NL1N/OSWE
- https://github.com/SohelParashar/.Net-Deserialization-Cheat-Sheet
- https://github.com/Xcod3bughunt3r/OSWE
- https://github.com/aalexpereira/pipelines-tricks
- https://github.com/aymankhder/Windows-Penetration-Testing
- https://github.com/hktalent/ysoserial.net
- https://github.com/incredibleindishell/ysoserial.net-complied
- https://github.com/kymb0/web_study
- https://github.com/lnick2023/nicenice
- https://github.com/mishmashclone/ManhNho-AWAE-OSWE
- https://github.com/mishmashclone/timip-OSWE
- https://github.com/murataydemir/CVE-2017-9822
- https://github.com/puckiestyle/ysoserial.net
- https://github.com/puckiestyle/ysoserial.net-master
- https://github.com/pwntester/ysoserial.net
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/revoverflow/ysoserial
- https://github.com/svdwi/OSWE-Labs-Poc
- https://github.com/timip/OSWE
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/zer0byte/AWAE-OSWP
Reference in New Issue View Git Blame Copy Permalink