CVE-2025-63388
📋 TL;DR
This CVE describes a CORS misconfiguration in Dify v1.9.1: the /console/api/system-features endpoint reflects any Origin header into Access-Control-Allow-Origin while also sending Access-Control-Allow-Credentials: true. Any external website can therefore make credentialed cross-origin requests to the endpoint from a logged-in user's browser and read the response. All deployments of Dify v1.9.1 with that endpoint reachable by users' browsers are affected.
💻 Affected Systems
- Dify
📦 What is this software?
Dify by Langgenius
⚠️ Risk & Real-World Impact
Worst Case
Attackers could perform authenticated API calls from malicious websites, potentially leading to data theft, account takeover, or unauthorized system modifications if the endpoint has privileged functionality.
Likely Case
Attackers could exfiltrate sensitive data from authenticated sessions or perform unauthorized actions available through the vulnerable endpoint.
If Mitigated
Restricting which origins are allowed (or dropping credentials from the CORS response) limits impact to whatever the endpoint returns to an unauthenticated caller. Network segmentation alone does not help much, because the requests come from the victim's own browser, which already has access to Dify.
🎯 Exploit Status
Exploitation requires the victim to visit a malicious website while authenticated to Dify. The vulnerability is well-documented in public gists.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Not available
Vendor Advisory: https://github.com/langgenius/dify/discussions
Restart Required: No
Instructions:
No official patch available. Monitor Dify releases for updates and apply when available.
🔧 Temporary Workarounds
Restrict CORS Origins
Configure the reverse proxy or the application to allow only specific trusted origins (exact match) instead of reflecting arbitrary Origin headers.
# Modify Dify configuration to restrict allowed origins
# Example for nginx: add_header Access-Control-Allow-Origin 'https://trusted-domain.com';
Disable CORS Credentials
Remove the Access-Control-Allow-Credentials: true header from the vulnerable endpoint so that a reflected origin cannot be combined with the victim's cookies.
# Modify the endpoint configuration to remove or set Access-Control-Allow-Credentials: false
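The two workarounds above come down to one server-side decision: what to put in the CORS response headers for a given Origin. The following is an added example (not Dify's code, and not tied to any Dify setting) that shows the reflecting pattern the advisory describes beside an allowlisted one. The console origin `https://dify.example.internal` is an assumed value; it also shows why a prefix match is not a safe substitute for an exact match.

```python
from typing import Dict, FrozenSet, Optional

# Assumed console origin; in a real deployment this is the scheme+host(+port)
# the Dify console is served from, nothing broader.
ALLOWED_ORIGINS: FrozenSet[str] = frozenset({"https://dify.example.internal"})


def cors_headers_reflecting(origin: Optional[str]) -> Dict[str, str]:
    """Vulnerable pattern: echo whatever Origin the browser sent and allow
    credentials. Any site on the web becomes a permitted caller."""
    if origin is None:
        return {}
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
    }


def cors_headers_allowlisted(
    origin: Optional[str], allowed: FrozenSet[str] = ALLOWED_ORIGINS
) -> Dict[str, str]:
    """Hardened pattern: exact-match the Origin against a fixed allowlist.
    Unknown origins get no CORS headers at all, so the browser blocks the
    cross-origin read. Vary: Origin keeps caches from serving one origin's
    headers to another."""
    if origin is None or origin not in allowed:
        return {}
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
        "Vary": "Origin",
    }


def origin_allowed_by_prefix(origin: str, trusted: str = "https://dify.example.internal") -> bool:
    """Common mistake: a startswith/substring check. An attacker who controls
    dify.example.internal.evil.net passes this check."""
    return origin.startswith(trusted)


if __name__ == "__main__":
    for o in ["https://dify.example.internal",
              "https://attacker.example",
              "https://dify.example.internal.evil.net"]:
        print(o, "reflecting:", cors_headers_reflecting(o))
        print(o, "allowlisted:", cors_headers_allowlisted(o))
        print(o, "prefix-check allows:", origin_allowed_by_prefix(o))
```

If the proxy adds the header with `add_header` while the application also emits its own Access-Control-Allow-Origin, the browser sees two values and rejects the response; apply the restriction in one place only.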
🧯 If You Can't Patch
- Restrict network access to the console API where possible; note this only helps when the victim's browser cannot reach Dify from where the malicious page runs
- Use a web application firewall (WAF) to drop requests to the endpoint whose Origin header is not on the trusted list
🔍 How to Verify
Check if Vulnerable:
Send a request to /console/api/system-features with an arbitrary Origin header (for example Origin: https://attacker.example) and check whether that exact value comes back in Access-Control-Allow-Origin together with Access-Control-Allow-Credentials: true. Check the headers of error responses too, since CORS headers are often emitted regardless of status.
Check Version:
# Check Dify version in web interface or configuration files
Verify Fix Applied:
Verify that Access-Control-Allow-Origin is restricted to specific domains and Access-Control-Allow-Credentials is false or absent.
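The checks above can be scripted. This is an added example (not from the advisory or the Dify project): `classify_cors` decides from a response's headers whether the reflected-origin-with-credentials condition holds, and `probe` performs the live request with urllib. The base URL and the probe origin `https://attacker.example` are assumed values; the sample header sets in `__main__` are constructed.

```python
import urllib.request
from typing import Dict, Mapping
from urllib.error import HTTPError, URLError

VULN_PATH = "/console/api/system-features"
PROBE_ORIGIN = "https://attacker.example"  # arbitrary origin the server should not trust


def classify_cors(headers: Mapping[str, str], sent_origin: str) -> str:
    """Classify a response as one of:
      'vulnerable' - the Origin we sent was reflected and credentials are allowed
      'wildcard'   - ACAO is '*' (browsers refuse to pair this with credentials,
                     so only unauthenticated reads are possible)
      'restricted' - ACAO present but not our origin, or credentials not allowed
      'none'       - no ACAO header at all (the safe default)
    Header names are compared case-insensitively."""
    h: Dict[str, str] = {k.lower(): v.strip() for k, v in headers.items()}
    acao = h.get("access-control-allow-origin")
    acac = h.get("access-control-allow-credentials", "").lower() == "true"
    if acao is None:
        return "none"
    if acao == "*":
        return "wildcard"
    if acao == sent_origin and acac:
        return "vulnerable"
    return "restricted"


def probe(base_url: str, path: str = VULN_PATH, origin: str = PROBE_ORIGIN,
          timeout: float = 10.0) -> str:
    """Send a GET with a foreign Origin and classify the CORS headers.
    Error responses are inspected too: CORS headers usually ride on them."""
    req = urllib.request.Request(base_url.rstrip("/") + path,
                                 headers={"Origin": origin}, method="GET")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return classify_cors(dict(resp.headers.items()), origin)
    except HTTPError as e:
        return classify_cors(dict(e.headers.items()), origin)
    except URLError as e:
        raise RuntimeError(f"could not reach {base_url}: {e.reason}") from e


if __name__ == "__main__":
    # Constructed header sets standing in for real responses.
    reflected = {"Access-Control-Allow-Origin": PROBE_ORIGIN,
                 "Access-Control-Allow-Credentials": "true"}
    fixed = {"Access-Control-Allow-Origin": "https://dify.example.internal",
             "Access-Control-Allow-Credentials": "true", "Vary": "Origin"}
    print("reflected ->", classify_cors(reflected, PROBE_ORIGIN))  # vulnerable
    print("fixed     ->", classify_cors(fixed, PROBE_ORIGIN))      # restricted
    # Live check against an assumed deployment:
    # print(probe("https://dify.example.internal"))
```

A result of `vulnerable` after applying a workaround means the restriction was not applied at the layer that actually answers this path (for example, the proxy rule matched a different location block).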
📡 Detection & Monitoring
Log Indicators:
- Unusual cross-origin requests to /console/api/system-features
- Requests with suspicious Origin headers
Network Indicators:
- Cross-origin requests with credentials to the vulnerable endpoint
- Requests from unexpected domains
SIEM Query:
web.url.path:"/console/api/system-features" AND web.http.headers.origin EXISTS AND NOT web.http.headers.origin:"https://your-dify-console-origin"
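Standard combined access logs do not record the Origin header, so the indicators above need a proxy log format that includes it. The following is an added example (not part of the advisory) that assumes an nginx log_format of the form `$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_origin" "$http_referer"` and scans constructed sample lines for requests to the vulnerable path whose Origin is neither absent nor on the trusted list. The trusted origin and the sample lines are constructed values.

```python
import re
from typing import Dict, FrozenSet, List
from urllib.parse import urlsplit

VULN_PATH = "/console/api/system-features"
TRUSTED_ORIGINS: FrozenSet[str] = frozenset({"https://dify.example.internal"})  # assumed

# Assumed log_format: ... "$request" $status $body_bytes_sent "$http_origin" "$http_referer"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<origin>[^"]*)"'
)

# Constructed sample lines: one legitimate console call, one attacker preflight
# plus GET, and one unrelated request without an Origin header ("-").
SAMPLE_LOG = """\
10.0.0.5 - - [12/Nov/2025:10:01:02 +0000] "GET /console/api/system-features HTTP/1.1" 200 512 "https://dify.example.internal" "-"
203.0.113.7 - - [12/Nov/2025:10:01:09 +0000] "OPTIONS /console/api/system-features HTTP/1.1" 204 0 "https://attacker.example" "-"
203.0.113.7 - - [12/Nov/2025:10:01:10 +0000] "GET /console/api/system-features?x=1 HTTP/1.1" 200 512 "https://attacker.example" "-"
10.0.0.9 - - [12/Nov/2025:10:02:00 +0000] "GET /console/api/apps HTTP/1.1" 200 2048 "-" "-"
"""


def suspicious_origin_requests(log_text: str,
                               trusted: FrozenSet[str] = TRUSTED_ORIGINS,
                               path: str = VULN_PATH) -> List[Dict[str, str]]:
    """Return one record per request to `path` that carried an Origin header
    not in `trusted`. '-' means nginx saw no Origin header (same-origin
    navigations and curl without -H Origin), so those lines are skipped.
    The query string is stripped before comparing the path."""
    hits: List[Dict[str, str]] = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # malformed or different log format; ignore, do not crash
        if urlsplit(m["target"]).path != path:
            continue
        origin = m["origin"]
        if origin in ("-", "") or origin in trusted:
            continue
        hits.append({"ip": m["ip"], "time": m["time"], "method": m["method"],
                     "origin": origin, "status": m["status"]})
    return hits


if __name__ == "__main__":
    for hit in suspicious_origin_requests(SAMPLE_LOG):
        print(hit)
```

An OPTIONS preflight followed by a GET from the same foreign origin is the browser-driven pattern to expect; a lone GET with a foreign Origin and no preflight is more often a scanner or a manual curl check.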