CVE-2025-15597

6.3 MEDIUM

📋 TL;DR

CVE-2025-15597 is an improper access control vulnerability in Dataease SQLBot up to version 1.4.0 that allows unauthorized access to API endpoints. Attackers can remotely exploit this to perform unauthorized actions through the assistant.py component. All users running SQLBot versions ≤1.4.0 are affected.

💻 Affected Systems

Products:
  • Dataease SQLBot
Versions: up to and including 1.4.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Multiple API endpoints in the assistant.py component are affected. The vulnerability exists in the default configuration.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise through unauthorized administrative actions, data exfiltration, or service disruption via API manipulation.

🟠

Likely Case

Unauthorized access to sensitive data, manipulation of AI models, or privilege escalation through the vulnerable API endpoints.

🟢

If Mitigated

Proper access controls prevent exploitation, limiting impact to authenticated users with appropriate permissions only.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Proof-of-concept exploit is publicly available on GitHub. Remote exploitation requires no authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.5.0

Vendor Advisory: https://github.com/dataease/SQLBot/security/advisories/GHSA-h4xm-3q3p-5g6r

Restart Required: Yes

Instructions:

1. Backup current configuration and data.
2. Download SQLBot version 1.5.0 from official releases.
3. Stop the SQLBot service.
4. Replace the installation with version 1.5.0.
5. Restart the SQLBot service.
6. Verify the patch is applied by checking the version.

🔧 Temporary Workarounds

Network Access Restriction

Platform: linux

Restrict network access to SQLBot API endpoints using firewall rules or network segmentation.

# Allow the trusted source first, then drop all other traffic to the SQLBot port.
# -A appends after existing INPUT rules, so an earlier broad ACCEPT would still match first.
iptables -A INPUT -p tcp --dport [SQLBot_PORT] -s [TRUSTED_IP] -j ACCEPT
iptables -A INPUT -p tcp --dport [SQLBot_PORT] -j DROP

API Endpoint Disablement

Platform: all

Temporarily disable the vulnerable API endpoints if not required for operations.

# Modify configuration to disable /api/assistant endpoints
# Check SQLBot configuration files for endpoint controls

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate SQLBot from untrusted networks
  • Deploy a web application firewall (WAF) with rules to block unauthorized API access patterns

🔍 How to Verify

Check if Vulnerable:

Check if SQLBot version is ≤1.4.0 and if the assistant.py file lacks proper authorization checks in the API endpoints.

Check Version:

Check SQLBot web interface or configuration files for version information, or run: grep -r "version" /path/to/sqlbot/config/

Verify Fix Applied:

Verify the installation is version 1.5.0 and check that commit d640ac31d1ce64ce90e06cf7081163915c9fc28c is present in the codebase.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to /api/assistant endpoints
  • Unusual API calls from unexpected IP addresses
  • Failed authorization attempts followed by successful requests

Network Indicators:

  • Unusual traffic patterns to SQLBot API endpoints
  • Requests bypassing authentication to assistant.py endpoints

SIEM Query:

source="sqlbot.log" AND ("unauthorized" OR "access denied") AND endpoint="*/api/assistant*"
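The log indicators above, turned into a small detector as an added example (not part of this advisory or of the SQLBot project). It assumes a constructed access-log format with a source IP, path, status and an auth flag, since the page does not document SQLBot's real log layout; it flags 401/403 responses on /api/assistant paths, successful unauthenticated requests to those paths, and a source that succeeds after having been denied.

```python
import re
from collections import defaultdict

# Constructed sample log lines in a hypothetical access-log format
# (SQLBot's real log format is not documented on this page):
# <ts> <src_ip> <method> <path> <status> auth=<yes|no>
SAMPLE_LOG = """\
2025-01-10T10:00:01Z 10.0.0.5 GET /api/assistant/list 403 auth=no
2025-01-10T10:00:02Z 10.0.0.5 GET /api/assistant/list 200 auth=no
2025-01-10T10:00:03Z 10.0.0.7 POST /api/datasource 200 auth=yes
2025-01-10T10:00:04Z 10.0.0.9 GET /api/assistant/info 200 auth=yes
2025-01-10T10:00:05Z 10.0.0.8 GET /api/assistant/info 401 auth=no
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<path>\S+) "
    r"(?P<status>\d{3}) auth=(?P<auth>yes|no)$"
)
ASSISTANT_PREFIX = "/api/assistant"

def parse_lines(text):
    """Parse the constructed log format; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ev = m.groupdict()
            ev["status"] = int(ev["status"])
            events.append(ev)
    return events

def detect(events):
    """Return findings keyed by source IP, following the page's log indicators."""
    findings = defaultdict(list)
    denied_seen = set()
    for ev in events:
        if not ev["path"].startswith(ASSISTANT_PREFIX):
            continue  # only the assistant endpoints are in scope
        src = ev["src"]
        if ev["status"] in (401, 403):
            findings[src].append("authz_denied")
            denied_seen.add(src)
            continue
        if ev["status"] == 200 and ev["auth"] == "no":
            findings[src].append("unauthenticated_success")
        if ev["status"] == 200 and src in denied_seen:
            findings[src].append("success_after_denial")
    return dict(findings)
```

On the constructed sample, 10.0.0.5 is flagged three times (denied, then an unauthenticated success after the denial) while 10.0.0.8 only shows a denial.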
