CVE-2025-70830: n/a
CVE-2025-70830 is a Server-Side Template Injection (SSTI) vulnerability found in the Freemarker template engine used by Datart v1. 0. 0-rc. 3. It allows authenticated attackers to inject malicious Freemarker template syntax into an SQL script field, leading to arbitrary code execution on the server. Exploitation requires authentication but no user interaction beyond that. There are no known public exploits yet, and no CVSS score has been assigned. The vulnerability poses significant risks to confidentiality, integrity, and availability of affected systems. European organizations using Datart with Freemarker should prioritize patching or mitigating this issue. Countries with higher adoption of Datart or similar BI tools, and those with critical infrastructure relying on such platforms, are more at risk.
AI Analysis
Technical Summary
CVE-2025-70830 is a Server-Side Template Injection (SSTI) vulnerability affecting the Freemarker template engine integrated within Datart version 1.0.0-rc.3. SSTI vulnerabilities occur when user input is unsafely embedded in server-side templates, allowing attackers to inject and execute arbitrary code. In this case, authenticated attackers can inject crafted Freemarker template syntax into an SQL script field, which is then processed by the Freemarker engine. This injection enables execution of arbitrary code on the server hosting Datart, potentially leading to full system compromise. The vulnerability requires the attacker to be authenticated, which limits exploitation to users with some level of access, but does not require further user interaction. No patches or fixes have been publicly disclosed yet, and no known exploits are in the wild. The lack of a CVSS score indicates the vulnerability is newly published and not yet fully assessed, but the nature of SSTI and arbitrary code execution suggests a high risk. The vulnerability impacts the confidentiality, integrity, and availability of systems running the affected Datart version, as attackers could execute commands, access sensitive data, or disrupt services. The Freemarker template engine is widely used in Java-based applications, and Datart is a business intelligence platform that may be deployed in enterprise environments, increasing the potential impact.
Potential Impact
For European organizations, this vulnerability poses a significant threat especially to those using Datart or similar BI tools that incorporate Freemarker templates. Successful exploitation can lead to unauthorized code execution, data breaches, and service disruptions. Confidential business intelligence data could be exposed or manipulated, undermining decision-making processes. The requirement for authentication reduces the attack surface but insider threats or compromised credentials could be leveraged by attackers. The impact extends to critical sectors such as finance, healthcare, and government agencies that rely on BI platforms for data analytics. Disruption or compromise of these systems could have cascading effects on operational continuity and regulatory compliance, including GDPR implications. Additionally, the lack of available patches means organizations must rely on mitigation strategies to reduce risk until a fix is released.
Mitigation Recommendations
1. Restrict access to Datart instances strictly to trusted users and networks to minimize the risk of authenticated attackers. 2. Implement strong authentication mechanisms, including multi-factor authentication, to reduce the risk of credential compromise. 3. Apply rigorous input validation and sanitization on all user inputs, especially those interacting with template engines or SQL fields, to prevent injection of malicious template syntax. 4. Monitor logs and application behavior for unusual template processing or execution patterns indicative of exploitation attempts. 5. Isolate the Datart environment using network segmentation and least privilege principles to limit potential damage from a successful attack. 6. Stay informed about vendor updates and apply patches promptly once available. 7. Consider deploying Web Application Firewalls (WAFs) with custom rules to detect and block SSTI payloads targeting Freemarker templates. 8. Conduct security reviews and code audits focusing on template usage and input handling within Datart deployments.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden
CVE-2025-70830: n/a
Description
CVE-2025-70830 is a Server-Side Template Injection (SSTI) vulnerability found in the Freemarker template engine used by Datart v1. 0. 0-rc. 3. It allows authenticated attackers to inject malicious Freemarker template syntax into an SQL script field, leading to arbitrary code execution on the server. Exploitation requires authentication but no user interaction beyond that. There are no known public exploits yet, and no CVSS score has been assigned. The vulnerability poses significant risks to confidentiality, integrity, and availability of affected systems. European organizations using Datart with Freemarker should prioritize patching or mitigating this issue. Countries with higher adoption of Datart or similar BI tools, and those with critical infrastructure relying on such platforms, are more at risk.
AI-Powered Analysis
Technical Analysis
CVE-2025-70830 is a Server-Side Template Injection (SSTI) vulnerability affecting the Freemarker template engine integrated within Datart version 1.0.0-rc.3. SSTI vulnerabilities occur when user input is unsafely embedded in server-side templates, allowing attackers to inject and execute arbitrary code. In this case, authenticated attackers can inject crafted Freemarker template syntax into an SQL script field, which is then processed by the Freemarker engine. This injection enables execution of arbitrary code on the server hosting Datart, potentially leading to full system compromise. The vulnerability requires the attacker to be authenticated, which limits exploitation to users with some level of access, but does not require further user interaction. No patches or fixes have been publicly disclosed yet, and no known exploits are in the wild. The lack of a CVSS score indicates the vulnerability is newly published and not yet fully assessed, but the nature of SSTI and arbitrary code execution suggests a high risk. The vulnerability impacts the confidentiality, integrity, and availability of systems running the affected Datart version, as attackers could execute commands, access sensitive data, or disrupt services. The Freemarker template engine is widely used in Java-based applications, and Datart is a business intelligence platform that may be deployed in enterprise environments, increasing the potential impact.
Potential Impact
For European organizations, this vulnerability poses a significant threat especially to those using Datart or similar BI tools that incorporate Freemarker templates. Successful exploitation can lead to unauthorized code execution, data breaches, and service disruptions. Confidential business intelligence data could be exposed or manipulated, undermining decision-making processes. The requirement for authentication reduces the attack surface but insider threats or compromised credentials could be leveraged by attackers. The impact extends to critical sectors such as finance, healthcare, and government agencies that rely on BI platforms for data analytics. Disruption or compromise of these systems could have cascading effects on operational continuity and regulatory compliance, including GDPR implications. Additionally, the lack of available patches means organizations must rely on mitigation strategies to reduce risk until a fix is released.
Mitigation Recommendations
1. Restrict access to Datart instances strictly to trusted users and networks to minimize the risk of authenticated attackers. 2. Implement strong authentication mechanisms, including multi-factor authentication, to reduce the risk of credential compromise. 3. Apply rigorous input validation and sanitization on all user inputs, especially those interacting with template engines or SQL fields, to prevent injection of malicious template syntax. 4. Monitor logs and application behavior for unusual template processing or execution patterns indicative of exploitation attempts. 5. Isolate the Datart environment using network segmentation and least privilege principles to limit potential damage from a successful attack. 6. Stay informed about vendor updates and apply patches promptly once available. 7. Consider deploying Web Application Firewalls (WAFs) with custom rules to detect and block SSTI payloads targeting Freemarker templates. 8. Conduct security reviews and code audits focusing on template usage and input handling within Datart deployments.
Affected Countries
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-01-09T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 69948d1c80d747be20bdf6f0
Added to database: 2/17/2026, 3:45:32 PM
Last enriched: 2/17/2026, 4:00:01 PM
Last updated: 2/17/2026, 5:06:15 PM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2026-2617: Insecure Default Initialization of Resource in Beetel 777VR1
MediumCVE-2025-70828: n/a
CriticalCVE-2026-2616: Hard-coded Credentials in Beetel 777VR1
HighCVE-2025-70829: n/a
HighCVE-2024-31118: CWE-862 Missing Authorization in Smartypants SP Project & Document Manager
MediumActions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.