High severityNVD Advisory· Published Jun 21, 2025· Updated Jun 23, 2025

DNN.PLATFORM possibly allows bypass of IP Filters

CVE-2025-52487

Description

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. In versions 7.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted request or proxy to be created that could bypass the design of DNN Login IP Filters allowing login attempts from IP Addresses not in the allow list. This issue has been patched in version 10.0.1.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
DNN.PLATFORMNuGet	>= 7.0.0, < 10.0.1	10.0.1

Affected products

Dnnsoftware/Dnn.platformv5
Range: >= 7.0.0, < 10.0.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/advisories/GHSA-fjhg-3mrh-mm7hghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2025-52487ghsaADVISORY
github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-fjhg-3mrh-mm7hghsax_refsource_CONFIRMWEB

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000