{"vulnerability": "CVE-2025-0655", "sightings": [{"uuid": "87dd2757-e512-4710-8459-9e6167b10602", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0655", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114194780076434760", "content": "", "creation_timestamp": "2025-03-20T12:34:21.894981Z"}, {"uuid": "0b9699ba-5caf-45c7-921c-8fcb707d4f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0655", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114194836560399737", "content": "", "creation_timestamp": "2025-03-20T12:48:47.953360Z"}, {"uuid": "8bdd5228-346f-4051-ac1d-b664fb113339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0655", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lksr44ivhb2k", "content": "", "creation_timestamp": "2025-03-20T13:03:42.551143Z"}, {"uuid": "d2f05b8d-1db7-4368-b941-e123f4518e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0655", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ljleeqrifj2w", "content": "", "creation_timestamp": "2025-03-04T21:02:01.290297Z"}, {"uuid": "97eda4f8-8bcc-4831-ae2b-08d68952c789", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0655", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-03-04T02:34:30.000000Z"}, {"uuid": "8c61fef5-36b7-4868-88a9-40150c302337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0655", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/dtale_cve_2025_0655", "content": "", "creation_timestamp": "2025-03-11T23:16:54.000000Z"}, {"uuid": "b5578fde-edfe-44c0-84aa-ecd8698e0bc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0655", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmi5lpi22v", "content": "", "creation_timestamp": "2025-03-20T11:40:56.349622Z"}, {"uuid": "f02661d4-169e-40a3-952f-c3cadac3e087", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0655", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "0073d655-018a-4c9a-bc03-16a8bdaa7acb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0655", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/dtale_rce_cve_2025_0655.rb", "content": "", "creation_timestamp": "2025-03-03T12:12:04.000000Z"}, {"uuid": "2f6d1eb4-e616-4387-9d05-2f20721c2430", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0655", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10427", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-0655\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability in man-group/dtale versions 3.15.1 allows an attacker to override global state settings to enable the `enable_custom_filters` feature, which is typically restricted to trusted environments. Once enabled, the attacker can exploit the /test-filter endpoint to execute arbitrary system commands, leading to remote code execution (RCE). This issue is addressed in version 3.16.1.\n\ud83d\udccf Published: 2025-03-20T10:11:12.681Z\n\ud83d\udccf Modified: 2025-04-04T08:45:38.320Z\n\ud83d\udd17 References:\n1. https://huntr.com/bounties/f63af7bd-5438-4b36-a39b-4c90466cff13\n2. https://github.com/man-group/dtale/commit/1e26ed3ca12fe83812b90f12a2b3e5fb0b740f7a", "creation_timestamp": "2025-04-04T09:36:00.000000Z"}, {"uuid": "fa15c56d-02a6-4047-9834-b7bbe1cc793b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0655", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/3388", "content": "\u26a1\ufe0fDeep Dive: CVE-2025-0655 (Critical RCE in D-Tale)\n\nA misused config + unsafe eval() = full remote code execution.\n\nUnauthenticated attackers can toggle a global flag and run system commands via an exposed API in D-Tale v3.15.1.\n\n\u26a0\ufe0f CVSS 9.8 | EPSS 85.91%\n\n#CyberBulletin", "creation_timestamp": "2025-06-02T09:58:48.000000Z"}, {"uuid": "ad10c891-340b-4296-9735-2493b6506add", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0655", "type": "seen", "source": "https://t.me/cvedetector/20711", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-0655 - Man Group dtale Remote Code Execution (RCE)\", \n  \"Content\": \"CVE ID : CVE-2025-0655 \nPublished : March 20, 2025, 10:15 a.m. | 1\u00a0hour, 40\u00a0minutes ago \nDescription : A vulnerability in man-group/dtale versions 3.15.1 allows an attacker to override global state settings to enable the `enable_custom_filters` feature, which is typically restricted to trusted environments. Once enabled, the attacker can exploit the /test-filter endpoint to execute arbitrary system commands, leading to remote code execution (RCE). This issue is addressed in version 3.16.1. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-20T13:13:02.000000Z"}, {"uuid": "154bbcc1-aa9d-4922-a99f-8b95d8c4f490", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0655", "type": "published-proof-of-concept", "source": "https://t.me/information_security_channel/53632", "content": "CVE-2025-0655 \u2013 Remote Code Execution in D-Tale via Unprotected Custom Filters\nhttps://www.offsec.com/blog/cve-2025-0655/\n\nA critical remote code execution (RCE) vulnerability in the D-Tale data visualization tool was identified which allowed attackers to execute arbitrary system exams, abusing an exposed API endpoint. \nThe post CVE-2025-0655 \u2013 Remote Code Execution in D-Tale via Unprotected Custom Filters (https://www.offsec.com/blog/cve-2025-0655/) appeared first on OffSec (https://www.offsec.com/).", "creation_timestamp": "2025-05-29T19:07:10.000000Z"}]}