A vulnerability has been discovered in DotNetNuke (DNN), which could allow for unauthorized access. DNN is a content management system (CMS) for websites. Successful exploitation could result in an attacker gaining Super User access to the CMS, allowing access to sensitive information and the ability to add, remove, or modify content. An attacker could also use the vulnerability in phishing campaigns to redirect unsuspecting users to a malicious site.
Affected systems: DNN versions prior to 8.0.3.
Because the files required for the installation of DNN are not removed after setup, a remote attacker can use a specially crafted URL to reach the install wizard and create Super User accounts. Specifically, this occurs when the files InstallWizard.aspx and InstallWizard.aspx.cs still exist under the Website Root\Install folder. DNN has released version 8.0.3 to address this issue.
DNN has also released a workaround, which consists of manually removing the following files from the Website Root\Install folder:
- DotNetNuke.install.config
- DotNetNuke.install.config.resources
- InstallWizard.aspx
- InstallWizard.aspx.cs
- InstallWizard.aspx.designer.cs
- UpgradeWizard.aspx
- UpgradeWizard.aspx.cs
- UpgradeWizard.aspx.designer.cs
- Install.aspx
- Install.aspx.cs
- Install.aspx.designer.cs
- Verify that no unauthorized changes have occurred on the system prior to implementing patches.
- Update DNN CMS to the latest version after appropriate testing.
- Verify that all files listed above have been removed, and review the current Super User accounts for any that were not created by an authorized administrator.
- Confirm that the operating system and all other applications on the system running this CMS are updated with the most recent patches.
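The following PowerShell script is an added example for carrying out the workaround and the review steps above; it is not code from the advisory or from DNN. It checks a site root for the installer files listed in the workaround, quarantines them (moving rather than deleting, so they remain available for the change review) after recording their hash and timestamp, and scans IIS W3C log lines for requests to the installer pages so that earlier use of the install wizard can be spotted. The site path, quarantine path and the sample log lines are assumptions constructed for the example.

```powershell
# Added example (not from the advisory or from DNN). Paths and the sample
# log below are assumptions; the file list is the advisory's workaround list.

$InstallerFiles = @(
    'DotNetNuke.install.config',
    'DotNetNuke.install.config.resources',
    'InstallWizard.aspx',
    'InstallWizard.aspx.cs',
    'InstallWizard.aspx.designer.cs',
    'UpgradeWizard.aspx',
    'UpgradeWizard.aspx.cs',
    'UpgradeWizard.aspx.designer.cs',
    'Install.aspx',
    'Install.aspx.cs',
    'Install.aspx.designer.cs'
)

function Get-LeftoverInstallerFiles {
    # Returns the FileInfo of every listed installer file still present under <SiteRoot>\Install.
    param([Parameter(Mandatory)][string]$SiteRoot)
    $installDir = Join-Path $SiteRoot 'Install'
    foreach ($name in $InstallerFiles) {
        $path = Join-Path $installDir $name
        if (Test-Path -LiteralPath $path) {
            Get-Item -LiteralPath $path
        }
    }
}

function Remove-LeftoverInstallerFiles {
    # Moves the leftover files to a quarantine directory instead of deleting them,
    # printing name, last-write time and SHA-256 first so the change review has a record.
    param(
        [Parameter(Mandatory)][string]$SiteRoot,
        [Parameter(Mandatory)][string]$QuarantineDir
    )
    $found = @(Get-LeftoverInstallerFiles -SiteRoot $SiteRoot)
    if ($found.Count -eq 0) {
        Write-Output "No installer files present under $SiteRoot\Install"
        return
    }
    New-Item -ItemType Directory -Path $QuarantineDir -Force | Out-Null
    foreach ($file in $found) {
        $hash = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
        Write-Output ("{0}`t{1}`t{2}" -f $file.Name, $file.LastWriteTimeUtc.ToString('u'), $hash)
        Move-Item -LiteralPath $file.FullName -Destination $QuarantineDir -Force
    }
}

function Find-InstallerRequests {
    # Returns IIS W3C log lines whose cs-uri-stem points at one of the installer pages.
    # The column position is taken from the '#Fields:' header line, so field order does not matter.
    param([Parameter(Mandatory)][string[]]$LogLines)
    $uriIndex = -1
    foreach ($line in $LogLines) {
        if ($line.StartsWith('#Fields:')) {
            $fields = $line.Substring(8).Trim() -split '\s+'
            $uriIndex = [array]::IndexOf($fields, 'cs-uri-stem')
            continue
        }
        if ($line.StartsWith('#') -or $uriIndex -lt 0) { continue }
        $cols = $line -split '\s+'
        if ($cols.Count -le $uriIndex) { continue }
        if ($cols[$uriIndex] -match '/Install/(Install|InstallWizard|UpgradeWizard)\.aspx$') {
            $line
        }
    }
}

# Constructed sample log (not real traffic) to show what the detection returns.
$sampleLog = @(
    '#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port c-ip sc-status',
    '2016-05-10 12:00:01 10.0.0.5 GET /Default.aspx - 80 192.0.2.10 200',
    '2016-05-10 12:00:07 10.0.0.5 GET /Install/InstallWizard.aspx - 80 192.0.2.10 200',
    '2016-05-10 12:00:09 10.0.0.5 POST /Install/InstallWizard.aspx - 80 192.0.2.10 302'
)
Find-InstallerRequests -LogLines $sampleLog   # returns the two /Install/InstallWizard.aspx lines

# Typical use against a live site (paths are assumptions):
# Remove-LeftoverInstallerFiles -SiteRoot 'C:\inetpub\wwwroot\dnn' -QuarantineDir 'C:\quarantine\dnn-install'
# Get-Content 'C:\inetpub\logs\LogFiles\W3SVC1\u_ex160510.log' | Find-InstallerRequests
```

Run the log scan first: any hit on the installer pages after the site went live is the signal that the Super User review in the recommendations needs to be done carefully rather than as a formality, and the quarantined copies plus the recorded hashes let that review compare what was on disk against the files shipped in the DNN package.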