Platform: dotnet
Component: dnn.platform
Fixed in: 10.1.2, 10.1.1
CVE-2025-64095 is a critical vulnerability affecting DNN.PLATFORM versions up to 9.9.0. It allows unauthenticated users to upload files through the default HTML editor, potentially overwriting existing files and leading to website defacement. This vulnerability can also be leveraged to inject Cross-Site Scripting (XSS) payloads, compromising user data and website integrity. The vulnerability is fixed in version 10.1.1.
The primary impact of CVE-2025-64095 is the ability for an attacker to deface a DNN.PLATFORM website by overwriting existing files. This could involve replacing the homepage with malicious content, displaying misleading information, or disrupting website functionality. More concerningly, the vulnerability can be chained with other issues to inject XSS payloads. Successful XSS injection could allow an attacker to steal user cookies, redirect users to phishing sites, or execute arbitrary JavaScript code within the context of the vulnerable website. The blast radius extends to all users of the affected website, as anyone visiting the site could be exposed to malicious content or have their data compromised.
CVE-2025-64095 is rated critical, with a CVSS score of 10. Public proof-of-concept exploits are likely to emerge given the ease of exploitation. While no active campaigns have been confirmed as of the publication date, the vulnerability's simplicity makes it an attractive target for opportunistic attackers. The vulnerability was publicly disclosed on 2025-10-29.
Exploit Status
EPSS: 15.22% (95th percentile)
The primary mitigation for CVE-2025-64095 is to immediately upgrade DNN.PLATFORM to version 10.1.1 or later. If upgrading is not immediately feasible, consider implementing stricter file upload restrictions within the DNN.PLATFORM configuration. This might involve whitelisting allowed file extensions, implementing file size limits, and enabling server-side validation of uploaded files. Web Application Firewalls (WAFs) can be configured to block suspicious file upload attempts, but this is not a substitute for patching. Monitor DNN.PLATFORM logs for unusual file upload activity, particularly uploads from unknown or unauthorized sources.
Update DNN to version 10.1.1 or higher. This version corrects the insufficient access control vulnerability in image upload, preventing site content overwrite. The update will prevent unauthenticated users from replacing existing files.
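The interim controls listed above (an extension allow-list, a size limit, server-side validation of the uploaded bytes, and never letting an upload replace an existing file) can be expressed as one server-side check. The following is added example code written for this page; it is not DNN.PLATFORM's own upload handler, and the policy values (accepted extensions, 2 MiB cap) and the function names `check_upload` and `save_upload` are assumptions chosen for the illustration.

```python
import os
import re
import tempfile
from pathlib import Path

# Policy values are assumptions for this example, not DNN.PLATFORM settings.
ALLOWED_EXTENSIONS = {".png", ".jpg", ".jpeg", ".gif"}
MAX_UPLOAD_BYTES = 2 * 1024 * 1024  # 2 MiB

# Leading bytes an upload must carry to be accepted under a given extension.
MAGIC = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}

# A single path component: letters, digits, dot, underscore, hyphen; no leading dot.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,99}")


def check_upload(filename, data, authenticated, existing_files):
    """Return (True, safe_name) if the upload passes every check, else (False, reason).

    existing_files is the set of names already present in the upload directory.
    Any collision is refused so an upload can never replace site content; the
    comparison is case-insensitive because IIS hosts sit on case-insensitive disks.
    """
    if not authenticated:
        return False, "unauthenticated upload refused"
    # Only the last path component survives, so "../Default.aspx" cannot leave the upload dir.
    base = os.path.basename(filename.replace("\\", "/"))
    if not SAFE_NAME.fullmatch(base):
        return False, f"filename not permitted: {filename!r}"
    ext = Path(base).suffix.lower()
    if ext not in ALLOWED_EXTENSIONS:
        return False, f"extension not allowed: {ext or '(none)'}"
    if len(data) > MAX_UPLOAD_BYTES:
        return False, f"file too large: {len(data)} bytes"
    if not data.startswith(MAGIC[ext]):
        return False, f"content does not match {ext} signature"
    if base.lower() in {name.lower() for name in existing_files}:
        return False, f"refusing to overwrite existing file: {base}"
    return True, base


def save_upload(filename, data, authenticated, upload_dir):
    """Validate and write an upload; raises PermissionError with the rejection reason."""
    upload_dir = Path(upload_dir)
    existing = {p.name for p in upload_dir.iterdir()}
    ok, result = check_upload(filename, data, authenticated, existing)
    if not ok:
        raise PermissionError(result)
    dest = upload_dir / result
    # "x" mode creates the file exclusively: if a same-named file appeared between the
    # directory listing and the write, the OS refuses instead of overwriting it.
    with open(dest, "xb") as fh:
        fh.write(data)
    return dest


if __name__ == "__main__":
    # Constructed sample uploads; only the first is accepted.
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32
    with tempfile.TemporaryDirectory() as d:
        print("saved:", save_upload("banner.png", png, True, d))
        for name, blob, auth in [
            ("banner.png", png, True),                 # name already exists
            ("../Default.aspx", b"not an image", True),  # traversal + disallowed extension
            ("anon.png", png, False),                  # unauthenticated request
            ("fake.gif", png, True),                   # PNG bytes under a .gif name
        ]:
            try:
                save_upload(name, blob, auth, d)
            except PermissionError as err:
                print("rejected:", err)
```

The overwrite check is done twice on purpose: `check_upload` gives a clear rejection reason from the directory listing, and the exclusive-create open in `save_upload` closes the window between that listing and the write. Log the rejection reasons; a burst of refused anonymous or overwrite attempts is exactly the "unusual file upload activity" the mitigation text says to watch for.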
CVE-2025-64095 is a critical vulnerability in DNN.PLATFORM versions up to 9.9.0 that allows unauthenticated users to upload files, potentially leading to website defacement and XSS injection.
Yes, if you are running DNN.PLATFORM versions 9.9.0 or earlier, you are affected by this vulnerability. Upgrade to 10.1.1 or later to mitigate the risk.
The recommended fix is to upgrade DNN.PLATFORM to version 10.1.1 or later. If immediate upgrade is not possible, implement stricter file upload restrictions.
While no active campaigns have been confirmed, the vulnerability's simplicity makes it a likely target for exploitation. Monitor your systems closely.
Please refer to the official DNN.PLATFORM security advisory for detailed information and updates: [https://www.dnn.pl/security-advisories](https://www.dnn.pl/security-advisories)