Volerion logoVolerion
Volerion logoVolerion

DataEase Redshift JDBC Connection Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in DataEase versions through 2.10.8. This issue allows authenticated users to execute arbitrary code via the backend JDBC connection to Redshift. The vulnerability arises from a lack of proper input validation, enabling the execution of malicious payloads embedded in the JDBC URL.

Impact

Exploitation of this vulnerability allows authenticated users to execute arbitrary code on the server where DataEase is running.

Reproduction

To reproduce this vulnerability, first upload a malicious XML file containing a payload designed to be executed, such as a ProcessBuilder command, to a location accessible by the DataEase application. Then, create a JDBC connection to a Redshift database, including the URL of the malicious XML file in the 'socketFactoryArg' parameter. When the connection is established, the application will download and execute the XML file, triggering the remote code execution.

Remediation

Users are advised to upgrade to DataEase version 2.10.9, where this vulnerability has been patched.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
10.0
exploitability
4.6
remediation
7.7
relevance
0.0
threat
6.4
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.