Main Vulnerability Database Vulnerabilities #VU112984

#VU112984 Improper Check for Unusual or Exceptional Conditions in DotNetNuke - CVE-2025-52487

Published: July 16, 2025

Vulnerability identifier: #VU112984

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2025-52487

CWE-ID: CWE-754

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
DotNetNuke

Software vendor:
DNN

Description

The vulnerability allows a remote attacker to bypass the design of DNN Login IP Filters.

The vulnerability exists due to improper error handling. A remote attacker can send specially crafted data to the application and allow login attempts from IP Adresses not in the allow list.

Remediation

Install updates from vendor's website.

External links

https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-fjhg-3mrh-mm7h

#VU112984 Improper Check for Unusual or Exceptional Conditions in DotNetNuke - CVE-2025-52487

Description

Remediation

External links

Please verify you're human