Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-57772

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.12, there is a H2 JDBC RCE bypass in DataEase. If the JDBC URL meets criteria, the getJdbcUrl method is returned, which acts as the getter for the JdbcUrl parameter provided. This bypasses H2's filtering logic and returns the H2 JDBC URL, allowing the "driver":"org.h2.Driver" to specify the H2 driver for the JDBC connection. The vulnerability has been fixed in version 2.10.12.

Published

2025-08-25T17:15:30.340

Last Modified

2025-09-03T13:41:43.700

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Secondary
CWE-94

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	dataease	dataease	< 2.10.12	Yes

References

https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440 Patch ([email protected])
https://github.com/dataease/dataease/security/advisories/GHSA-v37q-vh67-9rqv Exploit, Third Party Advisory ([email protected])