@SNISS
Created January 29, 2026 22:22

Security Advisory — CVE-2025-69516

Disclosure Date: 2025-12-24
CVE ID: CVE-2025-69516
Reporter(s): Gabriel Gomes, João Lobo Procopio, Anderson Vilela Moraes
Vendor: AmidaWare Inc.
Product / Component: Tactical RMM
Version(s) Affected: 1.3.1 and previous versions.
CWE: CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine
Attack Vector: Remote
Privileges Required: authenticated user

CVSS: 8.8

Vulnerability Description

A Server-Side Template Injection (SSTI) vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting 1.3.1 and previous versions, allows low-privileged authenticated users with Report Viewer or Report Manager permissions to achieve remote command execution on the server. This issue is caused by improper sanitization of the template_md parameter, allowing direct injection of Jinja2 templates.
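The pattern the advisory describes, shown as an added illustration (not Tactical RMM's code): a user-supplied Markdown template rendered with a plain Jinja2 `Environment` exposes Python object internals, while a `SandboxedEnvironment` with `StrictUndefined` refuses underscore-prefixed attributes and is handed only a fixed, allow-listed context. The function names and the sample report context are assumptions constructed for this example.

```python
# Added example: the unsafe "render user text as a Jinja2 template" pattern
# beside a hardened replacement. Function names and REPORT_CONTEXT are
# constructed for illustration; this is not Tactical RMM's code.
from jinja2 import Environment, StrictUndefined
from jinja2.exceptions import SecurityError, UndefinedError
from jinja2.sandbox import SandboxedEnvironment

# Constructed stand-in for the data a report preview might legitimately use.
REPORT_CONTEXT = {
    "client": {"name": "Example Corp"},
    "agents": [{"hostname": "ws-01", "online": True},
               {"hostname": "ws-02", "online": False}],
}


def render_preview_unsafe(template_md: str) -> str:
    """Vulnerable pattern: the request parameter becomes template source with
    no sandbox, so every attribute of every reachable object is in scope."""
    env = Environment()
    return env.from_string(template_md).render(**REPORT_CONTEXT)


def render_preview_sandboxed(template_md: str) -> str:
    """Hardened pattern: the sandbox rejects underscore-prefixed and other
    unsafe attributes, and StrictUndefined turns that rejection into an
    exception instead of silently rendering an empty string."""
    env = SandboxedEnvironment(undefined=StrictUndefined)
    # Pass only a fixed, allow-listed context: never request objects,
    # settings, or ORM instances.
    allowed = {"client": REPORT_CONTEXT["client"],
               "agents": REPORT_CONTEXT["agents"]}
    return env.from_string(template_md).render(**allowed)


def preview_is_blocked(template_md: str) -> bool:
    """True when the sandbox refuses the template (SecurityError) or it
    references a name outside the allow-listed context (UndefinedError)."""
    try:
        render_preview_sandboxed(template_md)
    except (SecurityError, UndefinedError):
        return True
    return False


if __name__ == "__main__":
    benign = "# Report for {{ client.name }}\n{% for a in agents %}- {{ a.hostname }}\n{% endfor %}"
    print(render_preview_sandboxed(benign))
    probe = "{{ client.__class__ }}"  # touches a Python internal, not report data
    print("unsafe renders:", render_preview_unsafe(probe))  # -> <class 'dict'>
    print("sandbox blocks:", preview_is_blocked(probe))     # -> True
```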

Affected Components / Technical Details

Impact

  • An authenticated attacker with low privileges can exploit this vulnerability to execute arbitrary commands on the Tactical RMM server, potentially resulting in full system compromise.

Mitigation

  • Update to v1.4.0.

Timeline / Status

  • 2026-01-14 — CVE reserved (CVE-2025-69516) by MITRE.
  • 2026-01-27 — Public advisory published by researchers.

Contact

For coordination, secure PoC requests, or further inquiries:
[email protected]

References
