Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
RAGFlow Remote Code Execution Vulnerability
Vulnerability Description
RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions prior to 0.23.0, a low-privileged authenticated user (normal login account) can execute arbitrary system commands on the server host process via the frontend Canvas CodeExec component, completely bypassing sandbox isolation. This occurs because untrusted data (stdout) is parsed using eval() with no filtering or sandboxing. The intended design was to "automatically convert string results into Python objects," but this effectively executes attacker-controlled code. Additional endpoints lack access control or contain inverted permission logic, significantly expanding the attack surface and enabling chained exploitation. Version 0.23.0 contains a patch for the issue.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
RAGFlow 安全漏洞
Vulnerability Description
RAGFlow是InfiniFlow开源的一个基于深度文档理解的开源 RAG 引擎。 RAGFlow 0.23.0之前版本存在安全漏洞,该漏洞源于前端Canvas CodeExec组件使用eval解析不受信任的数据且无过滤或沙箱隔离,可能导致任意系统命令执行。
CVSS Information
N/A
Vulnerability Type
N/A