8.8
CVE-2025-69516
- EPSS 2.1%
- Veröffentlicht 29.01.2026 00:00:00
- Zuletzt bearbeitet 13.02.2026 20:33:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginA Server-Side Template Injection (SSTI) vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting versions equal to or earlier than v1.3.1, allows low-privileged users with Report Viewer or Report Manager permissions to achieve remote command execution on the server. This occurs due to improper sanitization of the template_md parameter, enabling direct injection of Jinja2 templates. This occurs due to misuse of the generate_html() function, the user-controlled value is inserted into `env.from_string`, a function that processes Jinja2 templates arbitrarily, making an SSTI possible.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Amidaware ≫ Tactical Rmm Version < 1.4.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.1% | 0.793 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-1336 Improper Neutralization of Special Elements Used in a Template Engine
The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine.
https://github.com/amidaware/tacticalrmm
https://www.amidaware.com/
https://gist.github.com/NtGabrielGomes/7c424367cc316fd7527f668ff076fece