Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2017-9822

Description

DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."

POC

Reference

- http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.html

- http://www.dnnsoftware.com/community/security/security-center

Github

- https://github.com/20142995/nuclei-templates

- https://github.com/ARPSyndicate/cvemon

- https://github.com/ARPSyndicate/kenzer-templates

- https://github.com/BLACKHAT-SSG/OSWE-Preparation-

- https://github.com/Deep-Bagchi/ysoserial.net

- https://github.com/JFR-C/Windows-Penetration-Testing

- https://github.com/Jean-Francois-C/Windows-Penetration-Testing

- https://github.com/MdTauheedAlam/AWAE-OSWE-Notes

- https://github.com/NHPT/ysoserial.net

- https://github.com/Ostorlab/KEV

- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors

- https://github.com/PwnAwan/OSWE-Preparation-

- https://github.com/R0B1NL1N/OSWE

- https://github.com/SohelParashar/.Net-Deserialization-Cheat-Sheet

- https://github.com/Xcod3bughunt3r/OSWE

- https://github.com/aalexpereira/pipelines-tricks

- https://github.com/aymankhder/Windows-Penetration-Testing

- https://github.com/functionofpwnosec/functionofpwnosec

- https://github.com/getanehAl/Windows-Penetration-Testing

- https://github.com/hktalent/ysoserial.net

- https://github.com/incredibleindishell/ysoserial.net-complied

- https://github.com/irsdl/ysonet

- https://github.com/kymb0/web_study

- https://github.com/lamcodeofpwnosec/lamcodeofpwnosec

- https://github.com/lnick2023/nicenice

- https://github.com/mishmashclone/ManhNho-AWAE-OSWE

- https://github.com/mishmashclone/timip-OSWE

- https://github.com/murataydemir/CVE-2017-9822

- https://github.com/puckiestyle/ysoserial.net

- https://github.com/puckiestyle/ysoserial.net-master

- https://github.com/pwntester/ysoserial.net

- https://github.com/qazbnm456/awesome-cve-poc

- https://github.com/revoverflow/ysoserial

- https://github.com/secret-arrow/ysoserial.net

- https://github.com/svdwi/OSWE-Labs-Poc

- https://github.com/timip/OSWE

- https://github.com/tranphuc2005/NTCS_baocao05

- https://github.com/xasyhack/oscp2025

- https://github.com/xasyhack/oscp_cheat_sheet_2025

- https://github.com/xbl3/awesome-cve-poc_qazbnm456

- https://github.com/zer0byte/AWAE-OSWP