How severe is CVE-2025-70830?

CVE-2025-70830 is rated critical severity with a CVSS score of 9.9 out of 10.

Is there a public proof-of-concept (PoC) for CVE-2025-70830?

Yes. Public exploit material exists via 1 GitHub PoC repository. See the references section for direct links. Treat all linked code as untrusted and use only in authorized, isolated lab environments.

What products are affected by CVE-2025-70830?

CVE-2025-70830 affects multiple products. Check vendor advisories for specific affected versions.

How do I fix CVE-2025-70830?

Apply the latest security patches from the vendor. If patching is not immediately possible, review the mitigation steps in this advisory and monitor for exploitation attempts.

CVE-2025-70830: [PoC]

Overview

A critical security vulnerability has been identified in Datart, an open-source data visualization platform. This flaw allows an authenticated attacker to execute arbitrary code on the server hosting the application, potentially leading to a complete system compromise.

Vulnerability Explanation

In simple terms, the application uses a template engine (Freemarker) to dynamically generate content. A specific input field, intended for SQL scripts, does not properly validate or sanitize user input. An attacker with a valid user account can inject malicious template code into this field. The server then processes this code as part of the template, mistakenly executing the attacker’s commands instead of treating them as plain data. This type of attack is known as Server-Side Template Injection (SSTI).

Potential Impact

The impact of this vulnerability is severe. A successful exploit could allow an attacker to:

Execute any command or code on the underlying server operating system.
Steal, modify, or delete sensitive data from the server or connected databases.
Install malware or create a persistent backdoor for ongoing access.
Use the compromised server as a launch point for attacks on other internal systems.

Given that exploitation requires only a standard authenticated account, the risk to affected deployments is very high.

Remediation and Mitigation

The most effective action is to apply the official patch immediately.

Primary Remediation: Upgrade Datart to a patched version as soon as it is released by the vendor. Monitor the official Datart GitHub repository or security advisories for the fixed version addressing CVE-2025-70830.
Immediate Mitigation (If Patching is Delayed):
- Restrict Access: Tighten network controls to limit access to the Datart application to only trusted users and IP addresses.
- Review Permissions: Audit user accounts and enforce the principle of least privilege. Ensure no unnecessary accounts have write or execute permissions, especially for the SQL script functionality.
- Monitor Logs: Closely monitor application and system logs for any unusual activity, particularly unexpected processes or file modifications originating from the Datart service account.

Note: Input validation at the application level is not a sufficient mitigation for this specific flaw once it is present. Patching the core vulnerability is the only complete solution.

Repository	Stars	Last Push
xiaoxiaoranxxx/CVE-2025-70830 A Server-Side Template Injection (SSTI) vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows authenticated attackers to execute arbitrary code via injecting crafted Freemarker	★ 5	2026-02-14

Repository

Stars

xiaoxiaoranxxx/CVE-2025-70830

A Server-Side Template Injection (SSTI) vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows authenticated attackers to execute arbitrary code via injecting crafted Freemarker

★ 5

CVE-2025-70830: [PoC]

Overview

Vulnerability Explanation

Potential Impact

Remediation and Mitigation

Never miss a critical vulnerability

Public PoC References

Related Advisories

Overview

Vulnerability Explanation

Potential Impact

Remediation and Mitigation

Never miss a critical vulnerability

Public PoC References

Related Advisories

Never Miss a Critical Alert