CVE-2024-36420
GHSL-2023-232: Flowise Path Injection at /api/v1/openai-assistants-file
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, the `/api/v1/openai-assistants-file` endpoint in `index.ts` is vulnerable to arbitrary file read due to lack of sanitization of the `fileName` body parameter. No known patches for this issue are available.
Flowise es una interfaz de usuario de arrastrar y soltar para crear un flujo de modelo de lenguaje grande personalizado. En la versión 1.4.3 de Flowise, el endpoint `/api/v1/openai-assistants-file` en `index.ts` es vulnerable a la lectura arbitraria de archivos debido a la falta de sanitización del parámetro del cuerpo `fileName`. No hay parches conocidos disponibles para este problema.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-05-27 CVE Reserved
- 2024-07-01 CVE Published
- 2024-07-04 EPSS Updated
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://github.com/FlowiseAI/Flowise/blob/e93ce07851cdc0fcde12374f301b8070f2043687/packages/server/src/index.ts#L982 | Product |
| URL | Date | SRC |
|---|---|---|
| https://securitylab.github.com/advisories/GHSL-2023-232_GHSL-2023-234_Flowise | 2024-08-02 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|