RAGFlow Insecure Token Generation Vulnerability Allowing Authentication Bypass

Vulnerability

A vulnerability in RAGFlow, an open-source Retrieval-Augmented Generation engine, allows for an authentication bypass through predictable token generation. In versions prior to 0.22.0, the API key and the beta token (used for assistant/agent sharing) are generated with the same URLSafeTimedSerializer from predictable inputs. This flaw lets an unauthorized user who obtains a shared assistant/agent URL derive the owner's personal API key from the beta token. The vulnerability grants full control over the assistant/agent owner's account.

Impact

Exploitation of this vulnerability leads to authentication bypass, allowing an attacker to gain unauthorized access to an account and its associated privileges.

Reproduction

To reproduce this vulnerability, first obtain a beta token by sharing an assistant/agent URL. The beta token can be decoded to extract a UUIDv1, which contains a predictable timestamp. This timestamp can be manipulated to derive the corresponding API key, which can then be used to access the account.
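The weakness described above is that the token payload is only base64-encoded (never encrypted) and carries a UUIDv1, so anyone holding a token can read the creation time without the signing secret. The following added example, stdlib-only and not RAGFlow's own code, reconstructs that token pattern with a constructed demo secret, shows an audit check that flags tokens whose payload leaks a UUIDv1 timestamp, and contrasts it with an opaque token built from the OS CSPRNG, which is the shape a fixed generator should take.

```python
import base64
import hashlib
import hmac
import secrets
import uuid
from datetime import datetime, timedelta, timezone
from typing import Optional

# Constructed demo secret; RAGFlow's real signing key is not on this page.
DEMO_SECRET = b"constructed-demo-secret"
# UUIDv1 timestamps count 100 ns intervals since the Gregorian epoch.
UUID1_EPOCH = datetime(1582, 10, 15, tzinfo=timezone.utc)


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")


def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def predictable_token(secret: bytes = DEMO_SECRET) -> str:
    """Weak pattern (reconstructed, not RAGFlow code): a signed but
    unencrypted 'payload.signature' token whose payload is a UUIDv1,
    i.e. a timestamp plus node id rather than random bytes."""
    payload = str(uuid.uuid1()).encode()
    sig = hmac.new(secret, payload, hashlib.sha1).digest()
    return f"{_b64url(payload)}.{_b64url(sig)}"


def opaque_token() -> str:
    """Hardened pattern: 256 bits from the OS CSPRNG, nothing to decode."""
    return secrets.token_urlsafe(32)


def leaked_uuid1_time(token: str) -> Optional[datetime]:
    """Audit check: if the token's payload is a UUIDv1, return the creation
    time it leaks; otherwise None. No secret is needed because the payload
    is only base64-encoded."""
    try:
        u = uuid.UUID(_unb64url(token.split(".")[0]).decode())
    except (ValueError, UnicodeDecodeError):
        return None
    if u.version != 1:
        return None
    return UUID1_EPOCH + timedelta(microseconds=u.time // 10)


if __name__ == "__main__":
    print("weak token leaks:", leaked_uuid1_time(predictable_token()))
    print("opaque token leaks:", leaked_uuid1_time(opaque_token()))
```

Running `leaked_uuid1_time` over a store of issued tokens is a quick way to find ones minted under the predictable scheme that should be rotated after upgrading.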

Remediation

Users are advised to update to RAGFlow version 0.22.0 or later, where this vulnerability has been fixed.

Added: Dec 31, 2025, 10:18 PM
Updated: Dec 31, 2025, 10:18 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 6.0
remediation: 0.0
relevance: 1.7
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.