DNN (DotNetNuke) CMS Cookie Deserialization RCE CVE-2017-9822 - Vulnerability Database

Description

DNN (DotNetNuke) CMS is a .NET-based content management system that contains a critical deserialization vulnerability in versions prior to 9.2.0. The application performs unsafe deserialization of the DNNPersonalization cookie without proper validation, allowing attackers to inject malicious serialized objects. When these objects are deserialized by the server, they can trigger arbitrary code execution, giving attackers complete control over the affected system.

Remediation

Immediately upgrade DNN (DotNetNuke) to version 9.2.0 or later, which addresses this deserialization vulnerability. Follow these steps:

1. Back up your current DNN installation and database before upgrading
2. Download the latest stable version from the official DNN Software website
3. Follow the official upgrade guide at https://www.dnnsoftware.com/docs/administrators/setup/upgrades/index.html
4. After upgrading, clear all application cookies and restart the application pool
5. Review server logs for any suspicious activity that may indicate prior exploitation

If immediate patching is not possible, implement the following temporary mitigations:
- Restrict access to the application using IP whitelisting or VPN requirements
- Monitor for unusual DNNPersonalization cookie values in web server logs
- Implement web application firewall (WAF) rules to detect and block ysoserial.net payloads
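One way to act on the log-monitoring mitigation above, as an added example that is not Invicti's or DNN's own code: it assumes a legitimate DNNPersonalization cookie is URL-encoded XML of `<profile><item key="..." type="...">` entries whose `type` attribute names a simple .NET type, and it flags oversized values, malformed XML, and any item whose declared type falls outside a small allowlist; the allowlist, size threshold and sample cookies are all constructed.

```python
import urllib.parse
import xml.etree.ElementTree as ET

# Assumed shape of a benign cookie: <profile><item key=".." type="System.String">..</item></profile>.
# The allowlist and the length threshold are constructed; tune both to your own baseline.
ALLOWED_TYPES = {"System.String", "System.Int32", "System.Boolean", "System.Double"}
MAX_COOKIE_LEN = 2048


def inspect_cookie(raw_value: str) -> list[str]:
    """Return findings for one DNNPersonalization cookie value (empty list = looks benign)."""
    findings = []
    if len(raw_value) > MAX_COOKIE_LEN:
        findings.append(f"oversized cookie ({len(raw_value)} bytes)")
    xml_text = urllib.parse.unquote(raw_value)
    try:
        root = ET.fromstring(xml_text)  # stdlib parser; no external entity resolution
    except ET.ParseError:
        return findings + ["cookie is not well-formed XML"]
    if root.tag != "profile":
        findings.append(f"unexpected root element <{root.tag}>")
    for item in root.iter("item"):
        declared = item.get("type", "")
        if declared not in ALLOWED_TYPES:
            findings.append(f"item {item.get('key')!r} declares non-allowlisted type {declared!r}")
    return findings


def scan_cookie_header(header: str) -> dict[str, list[str]]:
    """Pull DNNPersonalization out of a raw Cookie header and inspect it."""
    for part in header.split(";"):
        name, _, value = part.strip().partition("=")
        if name == "DNNPersonalization":
            return {"DNNPersonalization": inspect_cookie(value)}
    return {}


# Constructed sample cookies (not captured traffic). SUSPECT uses a placeholder type name
# rather than any real gadget; the point is that it is not on the allowlist.
BENIGN = urllib.parse.quote(
    '<profile><item key="ui:theme" type="System.String"><string>dark</string></item></profile>'
)
SUSPECT = urllib.parse.quote(
    '<profile><item key="x" type="SomeNamespace.SomeType, SomeAssembly"><x/></item></profile>'
)

if __name__ == "__main__":
    for label, cookie in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, scan_cookie_header(f"other=1; DNNPersonalization={cookie}"))
```

Feed the function the Cookie header column of your web server logs; a non-empty findings list is a request worth pulling for review rather than a verdict on its own.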
