Continuing @SLCyber’s Christmas in July posts, our Security Research team discovered a pre-authentication NTLM hash disclosure vulnerability in DNN (formerly DotNetNuke), assigned CVE-2025-52488. Read more on our blog here:

Whenever I audit C# code, I look for benign file operations such as File.Exists(), especially if there's a preceding Path.Combine(). Read about how we leaked NTLM hashes pre-authentication in DotNetNuke (CVE-2025-52488) due to a perfect storm of issues.

Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke) #DNNExploit #UnicodeNormalization #NTLMCredentials #DotNetVulnerability #SMBAttack

Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke).

⚡ CVE-2017-9822 DotNetNuke Cookie Deserialization Remote Code Execution (RCE) on .👨🏻‍💻 @# ➟ MTN Group .🆘 Critical.💰 None.🔗 #bugbounty #bugbountytips #cybersecurity #infosec

DNN (DotNetNuke) is a free web application framework based on the #cms #windows

We are live for Open Source Friday! 🎉 Join our chat with @sbwalker, the founder of both Oqtane and DotNetNuke (DNN), two legendary open source projects in the Microsoft ecosystem. 💻 . Watch now 📺 .

🚨 CVE-2025-52488 - high 🚨. DNN (DotNetNuke) - Unicode Path Normalization NTLM Hash Disclosure. > DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in . 👾 @pdnuclei #NucleiTemplates #cve.

Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke)

The second of our “Christmas in July” research posts is live: a high-severity vulnerability (CVSS 8.6) that our Security Research team discovered in DNN (formerly known as DotNetNuke). Read the full overview in our security research blog:

Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke):. #dotnet #infosec #informationsecurity #cybersecurity #exploitation #exploit.

Welcome to DNN-Connect 2023, in beautiful Champery 😍 #dnncms #dotnetnuke #dnncommunity

Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke) #cyber #threathunting #infosec.

Promet Source: DotNetNuke vs Drupal for Large Government Agencies

🚨 CVE-2025-52485: DotNetNuke (DNN) versions 6.0.0 to 10.0.0 are vulnerable to script injection via the activity feed attachment endpoint. Upgrade to 10.0.1 ASAP! 🛡️ #Cybersecurity #DNN #Vulnerability.

Experience easy and reliable DotNetNuke hosting with ColoCrossing, ensuring fast performance and support for your website's success! 💻 #DNN #Hosting #IT. Click the link to learn more about our DNN Hosting:

Recently I was a guest on the @Hanselminutes podcast produced by @shanselman . We had a great conversation reflecting on 2 decades of .NET, sustainable open source, DotNetNuke and Oqtane. #opensource #oqtane

The DNN Platform, formerly DotNetNuke, has been a go-to open-source web content management system since 2002. With its modular architecture and .NET stack integration, it's perfect for dynamic websites & apps. Learn more: #DotNet #OSS

CVE-2025-52485 DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows …