CVE-2022-34115

9.8 CRITICAL

📋 TL;DR

DataEase v1.11.1 contains an arbitrary file write vulnerability via the dataSourceId parameter. This allows attackers to write arbitrary files to the server filesystem, potentially leading to remote code execution. All systems running DataEase v1.11.1 are affected.

💻 Affected Systems

Products:
  • DataEase
Versions: v1.11.1
Operating Systems: All platforms running DataEase
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of DataEase v1.11.1 are vulnerable by default.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise, data theft, and lateral movement within the network.

🟠 Likely Case

Arbitrary file write enabling web shell deployment, configuration modification, or data manipulation.

🟢 If Mitigated

Limited impact if proper file system permissions and input validation are in place, though risk remains elevated.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability is publicly documented with proof-of-concept available, making exploitation straightforward.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v1.11.2

Vendor Advisory: https://github.com/dataease/dataease/releases/tag/v1.11.2

Restart Required: Yes

Instructions:

1. Back up your DataEase configuration and data.
2. Download DataEase v1.11.2 from the official releases.
3. Stop the DataEase service.
4. Replace the installation with v1.11.2.
5. Restart the DataEase service.

🔧 Temporary Workarounds

Input Validation Filter

Platform: all

Implement strict input validation for the dataSourceId parameter to prevent path traversal.

Command: Not applicable - requires code modification

File System Permissions Restriction

Platform: linux

Restrict DataEase process permissions to limit file system write access.

chmod -R 750 /path/to/dataease
chown -R dataease:dataease /path/to/dataease

🧯 If You Can't Patch

  • Implement network segmentation to isolate DataEase servers from critical systems.
  • Deploy web application firewall (WAF) rules to block requests containing path traversal patterns in the dataSourceId parameter.

🔍 How to Verify

Check if Vulnerable:

Check whether the installed DataEase version is exactly v1.11.1, using the version check below.

Check Version:

Check DataEase web interface admin panel or examine application metadata files.

Verify Fix Applied:

Verify the version has been updated to v1.11.2 or later.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file write operations in application logs
  • Requests with suspicious dataSourceId parameters containing path traversal sequences (../, ..\)

Network Indicators:

  • HTTP requests with dataSourceId parameter containing file paths or traversal sequences

SIEM Query:

source="dataease.log" AND (dataSourceId CONTAINS "../" OR dataSourceId CONTAINS "..\")
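
The query above matches only literal ../ and ..\ sequences. The following Python script is an added example, not code from DataEase or from the original advisory: it percent-decodes logged dataSourceId values (including double encoding) before testing them for traversal segments or path separators. The log layout, the /placeholder/endpoint path and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import unquote

# Assumption: dataSourceId is logged as a query/form field (dataSourceId=...)
# or a JSON field ("dataSourceId":"..."). Adjust to your real log layout.
PARAM_RE = re.compile(r'dataSourceId"?\s*[=:]\s*"?([^&\s",}]+)', re.IGNORECASE)
# A ".." path segment delimited by / or \ (or the ends of the value).
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')

def fully_decode(value, max_rounds=5):
    """Percent-decode until stable so double-encoded input is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(raw):
    """Return 'traversal', 'path-separator' or None for one raw value."""
    value = fully_decode(raw)
    if TRAVERSAL_RE.search(value):
        return "traversal"
    if "/" in value or "\\" in value:
        return "path-separator"
    return None

def scan(lines):
    """Return (line_number, decoded_value, reason) for each suspicious value."""
    findings = []
    for lineno, line in enumerate(lines, start=1):
        for raw in PARAM_RE.findall(line):
            reason = classify(raw)
            if reason:
                findings.append((lineno, fully_decode(raw), reason))
    return findings

# Constructed sample lines; the endpoint path is a placeholder.
SAMPLE_LOG = [
    '10.0.0.5 "GET /placeholder/endpoint?dataSourceId=7f3c2a10-1b2c-4d5e-8f90-abcdef123456 HTTP/1.1" 200',
    '10.0.0.9 "GET /placeholder/endpoint?dataSourceId=..%2f..%2ftmp%2fa HTTP/1.1" 200',
    '10.0.0.9 "POST /placeholder/endpoint" body={"dataSourceId":"%252e%252e%255c%252e%252e%255cb","n":1}',
    '10.0.0.7 "GET /placeholder/endpoint?dataSourceId=reports/q3 HTTP/1.1" 200',
]

if __name__ == "__main__":
    for lineno, value, reason in scan(SAMPLE_LOG):
        print(f"line {lineno}: {reason}: {value!r}")
```

Values flagged as path-separator are not traversal by themselves; they are reported because an identifier field is not expected to carry a file path.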
