Flowise Unauthenticated OS Command Execution Vulnerability Allowing Remote Code Execution

Vulnerability

A remote code execution vulnerability has been identified in Flowise versions prior to 3.0.1. The issue arises from the Custom MCPs feature, which allows the execution of unsandboxed OS commands. In default installations of Flowise before version 3.0.1, authentication is not enabled unless specifically configured, creating an opportunity for unauthenticated network attackers to execute arbitrary commands on the operating system.

Impact

Exploitation of this vulnerability allows for unsandboxed OS command execution, leading to remote code execution on the server where Flowise is running.

Reproduction

To reproduce this vulnerability, send a payload to the 'node-load-method/customMCP' API endpoint. The payload should include a command, such as 'touch', and arguments specifying the file to be created, like '/tmp/yofitofi'.
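As an added example (not part of this advisory or the Flowise project), the following script triages constructed access-log lines for requests to the endpoint named above: a 2xx response on a pre-3.0.1 install with no authentication configured means the supplied command was accepted, while a 401/403 shows an auth layer rejected it. The "/api/v1/" prefix in the sample lines and the combined log format are assumptions.

```python
import re
from dataclasses import dataclass

# Endpoint named in the advisory. The "/api/v1/" prefix used in the sample
# lines below is an assumption, so matching is done on the endpoint suffix only.
CUSTOM_MCP_PATH = "node-load-method/customMCP"

# Combined/common access-log format: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

@dataclass
class Hit:
    ip: str
    ts: str
    method: str
    path: str
    status: int

def find_custom_mcp_requests(lines):
    """Return every parsed request whose path (query string dropped) ends in the customMCP endpoint."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and m.group("path").split("?")[0].lower().endswith(CUSTOM_MCP_PATH.lower()):
            hits.append(Hit(m.group("ip"), m.group("ts"), m.group("method"),
                            m.group("path"), int(m.group("status"))))
    return hits

def triage(hits):
    """Split hits: 2xx means the server accepted the request (on an unauthenticated
    pre-3.0.1 install the command ran); 401/403 means auth rejected it first."""
    executed = [h for h in hits if 200 <= h.status < 300]
    blocked = [h for h in hits if h.status in (401, 403)]
    return {"executed": executed, "blocked": blocked}

# Constructed sample log lines (not real traffic); addresses are documentation ranges.
SAMPLE_LOG = [
    '198.51.100.7 - - [14/Aug/2025:10:20:01 +0000] "POST /api/v1/node-load-method/customMCP HTTP/1.1" 200 312 "-" "python-requests/2.32.3"',
    '198.51.100.7 - - [14/Aug/2025:10:20:03 +0000] "GET /api/v1/chatflows HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
    '203.0.113.4 - - [14/Aug/2025:10:21:10 +0000] "POST /api/v1/node-load-method/customMCP?x=1 HTTP/1.1" 401 45 "-" "curl/8.5.0"',
    '10.0.0.5 - - [14/Aug/2025:10:22:00 +0000] "GET /health HTTP/1.1" 200 2 "-" "kube-probe/1.30"',
]

if __name__ == "__main__":
    for kind, hits in triage(find_custom_mcp_requests(SAMPLE_LOG)).items():
        for h in hits:
            print(f"{kind}: {h.ip} {h.method} {h.path} -> {h.status} at {h.ts}")
```

Any "executed" hit on an instance that was exposed without authentication warrants treating the host as compromised, not just patching it.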

Added: Aug 14, 2025, 10:20 AM
Updated: Aug 14, 2025, 10:20 AM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 10.0
exploitability: 9.1
remediation: 0.0
relevance: 0.3
threat: 8.0
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.