प्लेटफ़ॉर्म
nodejs
घटक
flowise
में ठीक किया गया
3.0.9
3.0.8
CVE-2025-61913 describes a critical Arbitrary File Access vulnerability discovered in Flowise, a low-code AI application development platform. This vulnerability allows authenticated attackers to write arbitrary files to the server's file system, potentially enabling remote command execution. The vulnerability affects versions 3.0.0 through 3.0.7 and has been resolved in version 3.0.8.
The core of the vulnerability lies within the WriteFileTool component of Flowise, designed to handle large model files. Due to insufficient file path restrictions, an authenticated attacker can manipulate this tool to write files to any location on the server's file system. This is a significant risk because an attacker could overwrite critical system files, inject malicious code, or gain persistent access to the system. Successful exploitation could lead to complete system compromise, data exfiltration, and denial of service. The potential for remote command execution elevates the severity to critical, as it bypasses typical access controls.
This vulnerability was publicly disclosed on 2025-10-09. While no public proof-of-concept (PoC) has been released at the time of writing, the ease of exploitation and the potential for remote command execution suggest a high likelihood of exploitation. The CVSS score of 9.9 (CRITICAL) reflects the severity of the vulnerability. It is not currently listed on CISA KEV, but its criticality warrants close monitoring.
Organizations deploying Flowise in production environments, particularly those using it to manage large AI models, are at significant risk. Shared hosting environments where multiple users share the same server are also vulnerable, as an attacker could potentially exploit the vulnerability through another user's Flowise instance. Legacy configurations with weak access controls exacerbate the risk.
• nodejs / server: Monitor process execution for unusual file write activity. Use lsof or fuser to identify processes accessing sensitive files.
lsof /etc/passwd• nodejs / server: Examine Flowise application logs for requests related to the WriteFileTool, specifically looking for unusual file paths.
grep 'WriteFileTool' /var/log/flowise/app.log• generic web: Check server access logs for requests containing suspicious file paths or attempts to access restricted directories.
disclosure
एक्सप्लॉइट स्थिति
EPSS
0.70% (72% शतमक)
CISA SSVC
CVSS वेक्टर
The primary mitigation is to immediately upgrade Flowise to version 3.0.8 or later, which includes the necessary fix. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict access to the WriteFileTool component to only trusted users and processes. Implement strict file system permissions to limit the attacker's ability to write to sensitive directories. Consider using a Web Application Firewall (WAF) to filter requests containing potentially malicious file paths. Regularly monitor system logs for suspicious file access activity.
Flowise को संस्करण 3.0.8 या उच्चतर में अपडेट करें। यह संस्करण मनमाना फ़ाइल पढ़ने और लिखने की भेद्यता को ठीक करता है। अपडेट को npm या yarn पैकेज मैनेजर के माध्यम से, या आधिकारिक रिपॉजिटरी से नवीनतम संस्करण डाउनलोड करके किया जा सकता है।
भेद्यता विश्लेषण और गंभीर अलर्ट सीधे आपके ईमेल में।
CVE-2025-61913 is a critical vulnerability in Flowise allowing authenticated attackers to write arbitrary files, potentially leading to remote command execution. It affects versions 3.0.0 through 3.0.7.
If you are running Flowise versions 3.0.0 through 3.0.7, you are vulnerable. Check your deployment and upgrade immediately.
Upgrade Flowise to version 3.0.8 or later to resolve the vulnerability. If immediate upgrade isn't possible, implement temporary workarounds like restricting access and tightening file permissions.
While no public exploit is currently available, the vulnerability's criticality and ease of exploitation suggest a high likelihood of exploitation. Monitor your systems closely.
Refer to the Flowise project's official security advisory for detailed information and updates: [https://flowise.ai/security](https://flowise.ai/security)
अपनी डिपेंडेंसी फ़ाइल अपलोड करें और तुरंत जानें कि यह CVE और अन्य आपको प्रभावित करती हैं या नहीं।