OrientDB Core is vulnerable to remote code execution (RCE) attacks. Permissions are not enforced on a user executing a statement against the ORole structure that contains a `where`, `fetchplan`, or `order by` clause. By executing a Groovy function, where the Groovy wrapper does not have a sandbox, any system command can be executed.