CVE-2025-48999

Summary

DataEase is an open source business intelligence and data visualization tool. A bypass of CVE-2025-46566's patch exists in versions prior to 2.10.10. In a malicious payload, getUrlType() retrieves hostName. Since the judgment statement returns false, it will not enter the if statement and will not be filtered. The payload can be directly concatenated at the replace location to construct a malicious JDBC statement. Version 2.10.10 contains a patch for the issue.

Affected Software

VendorProductVersion RangeStatus
dataeasedataease< 2.10.10affected

Weaknesses

  • CWE-923: CWE-923: Improper Restriction of Communication Channel to Intended Endpoints
  • CWE-284: CWE-284: Improper Access Control

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

Additional References

References