CVE-2025-55346
📋 TL;DR
This vulnerability allows remote attackers to execute arbitrary JavaScript code on vulnerable Flowise systems by sending specially crafted POST requests. It affects Flowise versions before 1.7.0 where user input is passed to unsafe dynamic function constructors. Any organization running vulnerable Flowise instances is at risk.
💻 Affected Systems
- Flowise
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise allowing attackers to execute arbitrary code, steal sensitive data, install backdoors, pivot to internal networks, and potentially achieve persistence on the host system.
Likely Case
Remote code execution leading to data exfiltration, credential theft, and deployment of cryptocurrency miners or ransomware payloads on vulnerable systems.
If Mitigated
No impact if proper input validation, sandboxing, or patching is implemented to prevent unsafe dynamic code execution.
🎯 Exploit Status
Exploitation requires only a simple POST request to the vulnerable endpoint with a malicious JavaScript payload.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.7.0 and later
Vendor Advisory: https://github.com/FlowiseAI/Flowise/releases/tag/v1.7.0
Restart Required: Yes
Instructions:
1. Back up your Flowise configuration and data.
2. Update to Flowise version 1.7.0 or later using npm: 'npm install -g flowise@latest'.
3. Restart the Flowise service.
4. Verify the update was successful.
🔧 Temporary Workarounds
Network Access Restriction
Linux: Restrict network access to Flowise instances using firewall rules to only allow trusted IP addresses.
iptables -A INPUT -p tcp --dport 3000 -s TRUSTED_IP -j ACCEPT
iptables -A INPUT -p tcp --dport 3000 -j DROP
Reverse Proxy Input Validation
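All platforms: Configure a reverse proxy (nginx/apache) to block requests containing suspicious JavaScript patterns to vulnerable endpoints. In nginx, 'if' is evaluated in the rewrite phase, before the request body has been read, so $request_body is normally empty at that point; confirm that the rule below actually returns 403 in your setup before relying on it. Keyword matching also misses encoded or obfuscated bodies, so treat this as a stopgap until the patch is applied.
location ~* /api/v1/.* {
    if ($request_body ~* "Function|eval|constructor") {
        return 403;
    }
}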
🧯 If You Can't Patch
- Implement strict input validation to reject any user input containing JavaScript function constructors or eval patterns.
- Deploy a Web Application Firewall (WAF) with rules to detect and block RCE attempts targeting dynamic code execution vulnerabilities.
🔍 How to Verify
Check if Vulnerable:
Check if Flowise version is below 1.7.0 by examining package.json or running 'flowise --version' command.
Check Version:
flowise --version
Verify Fix Applied:
Verify version is 1.7.0 or higher and test that POST requests with JavaScript payloads to vulnerable endpoints return appropriate error responses instead of executing code.
📡 Detection & Monitoring
Log Indicators:
- POST requests to /api/v1/ endpoints containing 'Function', 'eval', or 'constructor' strings in request body
- Unusual process execution from Flowise service account
- Error logs showing JavaScript execution failures
Network Indicators:
- POST requests with base64-encoded or obfuscated JavaScript payloads
- Outbound connections from Flowise to suspicious external IPs
SIEM Query:
source="flowise.logs" AND (http_method="POST" AND uri_path="/api/v1/*" AND (request_body="*Function*" OR request_body="*eval*" OR request_body="*constructor*"))
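Added example (not from the advisory or the Flowise project): a small Node.js triage script that applies the log and network indicators above to parsed log records, including a pass over base64-decoded body fragments. The record field names mirror the SIEM query; the log schema, the '/api/v1/example' path and the sample records are constructed assumptions.

```javascript
// Added example: triage log records against the indicators listed above.
// Field names mirror the SIEM query; the log schema itself is an assumption.
const KEYWORDS = /\b(Function|eval|constructor)\b/;
const BASE64_RUN = /[A-Za-z0-9+/]{16,}={0,2}/g;

// Decode base64-looking runs so keywords hidden by encoding are scanned too.
function decodedCandidates(body) {
  const out = [];
  for (const run of body.match(BASE64_RUN) || []) {
    const text = Buffer.from(run, 'base64').toString('utf8');
    // Keep only printable decodes; random tokens decode to binary noise.
    if (/^[\x20-\x7e\s]+$/.test(text)) out.push(text);
  }
  return out;
}

// Returns a finding for one record, or null when no indicator matches.
function inspect(record) {
  if (record.http_method !== 'POST') return null;
  if (!String(record.uri_path).startsWith('/api/v1/')) return null;
  const body = String(record.request_body || '');
  const plain = body.match(KEYWORDS);
  if (plain) return { reason: 'keyword', match: plain[1] };
  for (const text of decodedCandidates(body)) {
    const hit = text.match(KEYWORDS);
    if (hit) return { reason: 'base64-keyword', match: hit[1] };
  }
  return null;
}

function scan(records) {
  return records
    .map((record, index) => ({ index, finding: inspect(record) }))
    .filter((entry) => entry.finding !== null);
}

// Constructed sample records (not real traffic); the path is a placeholder.
const encoded = Buffer.from('constructor("return 1")()').toString('base64');
const SAMPLE = [
  { http_method: 'POST', uri_path: '/api/v1/example', request_body: '{"q":"What is the refund policy?"}' },
  { http_method: 'POST', uri_path: '/api/v1/example', request_body: '{"q":"Function(\\"return 1\\")()"}' },
  { http_method: 'POST', uri_path: '/api/v1/example', request_body: `{"q":"${encoded}"}` },
  { http_method: 'GET', uri_path: '/api/v1/example', request_body: 'eval' },
  { http_method: 'POST', uri_path: '/health', request_body: 'constructor' },
];

for (const { index, finding } of scan(SAMPLE)) {
  console.log(`record ${index}: ${finding.reason} (${finding.match})`);
}
```

Plain keyword hits will include benign text that happens to mention these words, so treat findings as leads to correlate with the process-execution and outbound-connection indicators rather than as confirmed exploitation.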