Primary

Context

DataEase H2 JDBC Remote Code Execution Vulnerability

Vulnerability

Patched

A remote code execution vulnerability has been identified in DataEase versions prior to 2.10.12. This issue arises from a JDBC URL parsing flaw that allows for the execution of arbitrary H2 database commands. When a crafted JDBC URL is processed, it bypasses H2's built-in filtering, exposing the application to potential code execution risks.

Impact

Exploitation of this vulnerability allows for remote code execution on the server where DataEase is running.

Reproduction

To reproduce this vulnerability, send a POST request to the '/de2api/datasource/validate' endpoint with a 'jdbcUrl' parameter that includes a crafted H2 JDBC URL. The URL should be constructed to bypass H2's filtering and include commands that could be executed by the H2 database engine. The 'driver' parameter must be set to 'org.h2.Driver' to specify the H2 JDBC driver for the connection.

Remediation

Users are advised to upgrade to DataEase version 2.10.12 or later, where this vulnerability has been fixed.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.7

remediation

7.7

relevance

0.4

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.7

remediation

7.7

relevance

0.4

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

DataEase H2 JDBC Remote Code Execution Vulnerability

Vulnerability

Impact

Reproduction

Remediation

Affected Products

DataEase

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating