DNN Vulnerability Let Attackers Steal NTLM Credentials via Unicode Normalization Bypass
A critical vulnerability in DNN (formerly DotNetNuke) that allows attackers to steal NTLM credentials through a sophisticated Unicode normalization bypass technique. The vulnerability, tracked as CVE-2025-52488, affects one of the oldest open-source content management systems and demonstrates how defensive coding measures can be circumvented through clever exploitation of Windows and .NET quirks. Key Takeaways1. CVE-2025-52488 […]
The post DNN Vulnerability Let Attackers Steal NTLM Credentials via Unicode Normalization Bypass appeared first on Cyber Security News.