平台
python
组件
comfyanonymous/comfyui
修复版本
0.3.41
CVE-2025-6107 is a vulnerability affecting ComfyUI versions 0.3.40 through 0.3.40. This issue involves the manipulation of dynamically-determined object attributes within the set_attr function located in /comfy/utils.py. A remote attacker could potentially exploit this flaw. A fix is available in version 0.3.41.
The vulnerability lies in the set_attr function, which allows for the dynamic setting of object attributes. An attacker could leverage this to modify the behavior of ComfyUI, potentially leading to arbitrary code execution or denial of service. While the complexity of the attack is considered high, the public disclosure of the exploit increases the risk of exploitation. The ability to launch the attack remotely expands the potential attack surface, making systems running vulnerable versions of ComfyUI susceptible to compromise.
This vulnerability was publicly disclosed on 2025-06-16. The vendor, comfyanonymous, was contacted but did not respond. The exploit's public availability and relatively high complexity suggest a moderate risk of exploitation. No KEV listing or EPSS score is currently available. The description indicates the exploit has been disclosed, increasing the likelihood of exploitation.
Users running ComfyUI version 0.3.40 are at direct risk. This includes individuals and organizations utilizing ComfyUI for AI image generation and experimentation. Shared hosting environments where ComfyUI is deployed could also be affected, potentially impacting multiple users.
• python / ComfyUI:
import os
import subprocess
# Check ComfyUI version
process = subprocess.Popen(['comfyui', '--version'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = process.communicate()
version = stdout.decode('utf-8').strip()
if version == '0.3.40':
print('Vulnerable ComfyUI version detected!')
else:
print('ComfyUI version is not vulnerable.')• python / ComfyUI: Monitor file system for modifications to /comfy/utils.py
import os
import time
file_path = '/comfy/utils.py'
while True:
try:
last_modified = os.path.getmtime(file_path)
time.sleep(60) # Check every minute
current_modified = os.path.getmtime(file_path)
if current_modified != last_modified:
print(f'File {file_path} has been modified!')
break
except FileNotFoundError:
print(f'File {file_path} not found.')
breakdisclosure
patch
漏洞利用状态
EPSS
0.07% (21% 百分位)
CISA SSVC
CVSS 向量
The primary mitigation is to upgrade ComfyUI to version 0.3.41 or later, which contains the fix for this vulnerability. If upgrading is not immediately feasible, consider implementing input validation on the attributes being set within the setattr function to restrict the values that can be assigned. While a direct WAF rule is unlikely, monitoring network traffic for unusual requests targeting /comfy/utils.py could provide early warning signs of exploitation attempts. After upgrading, confirm the fix by attempting to trigger the vulnerable setattr function with malicious input and verifying that it is properly handled.
升级到已修复 comfyui 的补丁版本,以解决动态确定的对象属性漏洞。如果尚无可用版本,请考虑手动修补 /comfy/utils.py 文件或在发布更新之前禁用受影响的功能。
漏洞分析和关键警报直接发送到您的邮箱。
CVE-2025-6107 is a vulnerability in ComfyUI versions 0.3.40–0.3.40 that allows attackers to manipulate object attributes, potentially leading to code execution or denial of service.
You are affected if you are running ComfyUI version 0.3.40. Upgrade to version 0.3.41 to mitigate the risk.
Upgrade ComfyUI to version 0.3.41 or later. If immediate upgrade is not possible, implement input validation on attribute settings.
The exploit has been publicly disclosed, increasing the likelihood of exploitation. Monitor your systems for suspicious activity.
Refer to the comfyanonymous GitHub repository for updates and advisories related to CVE-2025-6107.
上传你的 requirements.txt 文件,立即知道是否受影响。