Home > Vulnerability Database > CVE-2025-52487

Mend.io Vulnerability Database

CVE-2025-52487

Date: June 20, 2025

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. In versions 7.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted request or proxy to be created that could bypass the design of DNN Login IP Filters allowing login attempts from IP Addresses not in the allow list. This issue has been patched in version 10.0.1.

Severity Score

8.6

Related Resources (4)

Url: https://github.com/dnnsoftware/Dnn.Platform

Url: https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-fjhg-3mrh-mm7h

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-52487

Url: https://www.mend.io/vulnerability-database/CVE-2025-52487

Severity Score

8.6

Weakness Type (CWE)

Incorrect Authorization

CWE-863

CVSS v3.1

Base Score:	8.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2025-52487

Date: June 20, 2025

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?