CVE-2018-15811 Scanner
CVE-2018-15811 Scanner - Remote Code Execution (RCE) vulnerability in DotNetNuke
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
10 days 1 hour
Scan only one
Domain, Subdomain, IPv4
Toolbox
DotNetNuke, maintained by DNN Software, is a leading web content management system utilized by organizations for creating and maintaining websites. It serves businesses, educational institutions, and government agencies for crafting dynamic and functional websites with ease. DotNetNuke offers features like content management, design solutions, and SEO capabilities. The platform is built using .NET and provides extensibility through modules and skins, allowing users to customize their web presence. It is widely adopted due to its flexibility and robustness, supporting various web development needs.
The Remote Code Execution (RCE) vulnerability discovered in DotNetNuke versions 9.2 through 9.2.1 allows attackers to take control over the application. This critical flaw arises from the use of weak encryption algorithms, which leaves input parameters vulnerable to tampering. By crafting malicious cookies, attackers can trigger deserialization attacks that result in executing unauthorized code. The vulnerability thus poses a significant security risk to businesses using affected DotNetNuke versions, potentially compromising sensitive data and operations.
The vulnerability involves weak encryption that can be exploited by attackers through malformed DNNPersonalization cookies. When such cookies are crafted and deserialized, they lead to execution of arbitrary code on the server. The specific endpoint affected appears to be related to how the DotNetNuke application handles personalization settings. Attackers exploit the vulnerability by inserting malicious objects within cookies that invoke internal methods. Recognizing the vulnerable parameter and endpoint can help in understanding the attack vector used by threat actors.
If exploited, this vulnerability could lead to several critical issues including unauthorized access to system resources and execution of arbitrary code. Businesses can experience data breaches, leading to loss of sensitive information, and potentially damaging their reputation. Additionally, attackers could install backdoors, compromising the integrity and availability of the web applications powered by DotNetNuke. Customers relying on these applications might also face a risk of being part of further malicious activities conducted by hijacked servers.
REFERENCES
- https://nvd.nist.gov/vuln/detail/CVE-2018-15811
- https://github.com/dnnsoftware/Dnn.Platform/releases
- http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.html
- https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/dnn_cookie_deserialization_rce.rb
