High severity8.8CISA KEVNVD Advisory· Published Jul 20, 2017· Updated Apr 21, 2026
CVE-2017-9822
CVE-2017-9822
Description
DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
DotNetNuke.CoreNuGet | < 9.1.1 | 9.1.1 |
Affected products
1Patches
173281a5256acVulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
6- packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.htmlnvdExploitThird Party AdvisoryVDB EntryWEB
- www.dnnsoftware.com/community/security/security-centernvdProductVendor AdvisoryWEB
- www.securityfocus.com/bid/102213nvdBroken LinkThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-x2rg-fmcv-crq5ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-9822ghsaADVISORY
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.