CVE-2025-52487: DNN.PLATFORM possibly allows bypass of IP Filters

June 20, 2025 (updated June 27, 2025)

DNN.PLATFORM allows a specially crafted request or proxy to be created that would bypass the design of DNN Login IP Filters allowing login attempts from IP Adresses not in the allow list. This vulnerability is fixed in 10.0.1.

References

github.com/advisories/GHSA-fjhg-3mrh-mm7h
github.com/dnnsoftware/Dnn.Platform
github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-fjhg-3mrh-mm7h
nvd.nist.gov/vuln/detail/CVE-2025-52487

Code Behaviors & Features

Detect and mitigate CVE-2025-52487 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →