CVE-2018-15812

HIGH

DotNetNuke Cookie Deserialization Remote Code Execution

Title source: metasploit

Exploitation Summary

EIP tracks 2 public exploits for CVE-2018-15812. PoCs were published by Jon Park and Jon Seigel, including the Metasploit module exploits/windows/http/dnn_cookie_deserialization_rce.

AI-analyzed exploit summary: This is a Metasploit module that exploits a deserialization vulnerability in DotNetNuke (DNN) versions 5.0.0 to 9.3.0-RC. The exploit leverages the DNNPersonalization cookie to execute arbitrary code on the target system by deserializing malicious data.

Description

DNN (aka DotNetNuke) 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy.

Exploits (2)

exploitdb WORKING POC
ruby · remote · windows
https://www.exploit-db.com/exploits/48336

This is a Metasploit module that exploits a deserialization vulnerability in DotNetNuke (DNN) versions 5.0.0 to 9.3.0-RC. The exploit leverages the DNNPersonalization cookie to execute arbitrary code on the target system by deserializing malicious data.

Classification
Working PoC: 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: DotNetNuke (DNN) versions 5.0.0 to 9.3.0-RC
No auth needed
Prerequisites: Target must be running a vulnerable version of DNN · DNN must be configured to handle 404 errors with its built-in error page
devstral-2 · analyzed Feb 19, 2026
metasploit WORKING POC EXCELLENT
by Jon Park, Jon Seigel · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/dnn_cookie_deserialization_rce.rb

This Metasploit module exploits a deserialization vulnerability in DotNetNuke (DNN) versions 5.0.0 to 9.3.0-RC by crafting a malicious DNNPersonalization cookie, leading to remote code execution. It supports various DNN versions and includes encryption handling for newer releases.

Classification
Working PoC: 100%
Attack Type: Deserialization
Complexity: Moderate
Reliability: Reliable
Target: DotNetNuke (DNN) versions 5.0.0 to 9.3.0-RC
No auth needed
Prerequisites: Target must be running a vulnerable version of DNN · DNN must be configured to handle 404 errors with its built-in error page
devstral-2 · analyzed Feb 16, 2026

References (3)

Core 3

Scores

CVSS v3 7.5
EPSS 0.7918
EPSS Percentile 99.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE: CWE-331
Status published
Products (2)
dnnsoftware/dotnetnuke 9.2 - 9.2.1
nuget/DotNetNuke.Core 9.2.0 - 9.2.2 (NuGet)
Published Jul 03, 2019
Tracked Since Feb 18, 2026