CVE-2025-49002

CRITICAL NUCLEI

DataEase < 2.10.10 - Authentication Bypass via Case Insensitivity

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2025-49002. PoCs published by adminlove520, Feng-Huang-0520, jiuzui129-arch. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository contains functional exploit code for multiple CVEs, including authentication bypass vulnerabilities in TOTOLINK devices and a scanner for Fortinet SSL VPN (CVE-2024-21762). The PoCs demonstrate the vulnerabilities with clear technical details and functional code.

Description

DataEase is an open source business intelligence and data visualization tool. Versions prior to version 2.10.10 have a flaw in the patch for CVE-2025-32966 that allow the patch to be bypassed through case insensitivity because INIT and RUNSCRIPT are prohibited. The vulnerability has been fixed in v2.10.10. No known workarounds are available.

Exploits (3)

github WORKING POC 2 stars
by adminlove520 · pythonpoc
https://github.com/adminlove520/CVE-Poc_All_in_One/tree/main/2025/CVE-2025-49002

This repository contains functional exploit code for multiple CVEs, including authentication bypass vulnerabilities in TOTOLINK devices and a scanner for Fortinet SSL VPN (CVE-2024-21762). The PoCs demonstrate the vulnerabilities with clear technical details and functional code.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: TOTOLINK LR350, TOTOLINK T6, Fortinet SSL VPN
No auth needed
Prerequisites: network access to the target device
devstral-2 · analyzed Feb 27, 2026 Full analysis →
github WORKING POC 1 stars
by Feng-Huang-0520 · pythonpoc
https://github.com/Feng-Huang-0520/DataEase_Postgresql_JDBC_Bypass-CVE-2025-49002

This repository contains a functional exploit for CVE-2025-49002, targeting a PostgreSQL JDBC bypass vulnerability in DataEase. The PoC sends a crafted HTTP request to the `/de2api/datasource/validate` endpoint with a malicious configuration payload, potentially leading to remote code execution (RCE).

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: DataEase (version not specified)
Auth required
Prerequisites: Access to the target DataEase instance · Valid X-DE-TOKEN for authentication
devstral-2 · analyzed Feb 19, 2026 Full analysis →
github WORKING POC
by jiuzui129-arch · pythonpoc
https://github.com/jiuzui129-arch/CVE-2025-49002

This PoC exploits CVE-2025-49002, a remote code execution vulnerability in DataEase via PostgreSQL JDBC bypass. It sends a crafted JSON payload to the '/de2api/datasource/validate' endpoint, triggering RCE if the target is vulnerable.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: DataEase (version not specified)
Auth required
Prerequisites: Valid target URL · Authentication token (X-DE-TOKEN)
devstral-2 · analyzed Feb 19, 2026 Full analysis →

Nuclei Templates (1)

DataEase - Remote Code Execution
HIGHVERIFIEDby WeQi
Shodan: http.html:"DataEase"
FOFA: app="FIT2CLOUD-DataEase"

References (2)

Core 2
Core References
Exploit, Third Party Advisory x_refsource_confirm
https://github.com/dataease/dataease/security/advisories/GHSA-999m-jv2p-5h34

Scores

CVSS v3 9.8
EPSS 0.2617
EPSS Percentile 96.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-290
Status published
Products (1)
dataease/dataease < 2.10.10
Published Jun 03, 2025
Tracked Since Feb 18, 2026