CVE-2025-52487

EPSS 0.24%

DNN.PLATFORM possibly allows bypass of IP Filters

Published: 6/20/2025Modified: 6/27/2025

Description

DNN.PLATFORM allows a specially crafted request or proxy to be created that would bypass the design of DNN Login IP Filters allowing login attempts from IP Adresses not in the allow list. This vulnerability is fixed in 10.0.1.

Affected packages (1)

NuGet/DNN.PLATFORM>= 7.0.0, < 10.0.1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 4.0	—	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

References (3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2025-52487
PATCHhttps://github.com/dnnsoftware/Dnn.Platform
WEBhttps://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-fjhg-3mrh-mm7h