CVE-2025-52488

HIGH EXPLOITED NUCLEI

Dnnsoftware Dotnetnuke < 10.0.1 - Information Disclosure

Title source: rule

Exploitation Summary

CVE-2025-52488 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including SystemVll. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository contains a functional Python exploit for CVE-2025-52488, targeting DNN (DotNetNuke) versions 6.0.0 to 10.0.1. The exploit abuses Unicode path normalization to force SMB requests to an attacker-controlled server, potentially exposing NTLM hashes.

Description

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted series of malicious interaction to potentially expose NTLM hashes to a third party SMB server. This issue has been patched in version 10.0.1.

Exploits (1)

nomisec WORKING POC 2 stars

by SystemVll · infoleak

https://github.com/SystemVll/CVE-2025-52488

View Code ZIP pw:eip

This repository contains a functional Python exploit for CVE-2025-52488, targeting DNN (DotNetNuke) versions 6.0.0 to 10.0.1. The exploit abuses Unicode path normalization to force SMB requests to an attacker-controlled server, potentially exposing NTLM hashes.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: DNN (DotNetNuke) 6.0.0 to before 10.0.1

No auth needed

Prerequisites: Python 3.7+ · SMB server to capture NTLM hashes (e.g., Responder, Burp Collaborator) · List of target DNN hosts

MITRE ATT&CK

T1187 - Forced Authentication T1003 - OS Credential Dumping

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

DNN (DotNetNuke) - Unicode Path Normalization NTLM Hash Disclosure

HIGHVERIFIEDby assetnote,DhiyaneshDk,iamnoooob,pdresearch

Shodan: Set-Cookie: dnn_IsMobile || http.favicon.hash:-1465479343

FOFA: app="dotnetnuke" || Set-Cookie: dnn_IsMobile || icon_hash="-1465479343"

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-mgfv-2362-jq96

Scores

CVSS v3 8.6

EPSS 0.2974

EPSS Percentile 96.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

VulnCheck KEV 2025-07-21

CWE

CWE-200

Status published

Products (2)

dnnsoftware/dotnetnuke 6.0.0 - 10.0.1

nuget/DNN.PLATFORM 6.0.0 - 10.0.1NuGet

Published Jun 21, 2025

Tracked Since Feb 18, 2026