Flowise contains a path traversal vulnerability in the /api/v1/document-store/loader/process endpoint that allows unauthenticated attackers to write arbitrary files to the filesystem. Attackers can exploit unsanitized fileName parameters with ../ sequences to overwrite critical files like package.json and achieve remote code execution when the application restarts.
The attacker sends a request to the /api/v1/document-store/loader/process endpoint, passing path traversal sequences (../) in the fileName parameter without requiring authentication. The lack of sanitization of the fileName parameter allows exiting the permitted directory and overwriting arbitrary files in the file system — including critical application files such as package.json. After overwriting a key file and restarting the application, malicious code is executed by the server, resulting in RCE being obtained.
An attacker can gain full control over the server through RCE, which includes the ability to steal data, install backdoors, perform lateral movement in the network, and completely compromise the environment in which Flowise is running.
Security patches available from the vendor should be applied according to the references (GitHub Security Advisory GHSA-8vvx-qvq9-5948). Until the update is applied, it is recommended to restrict access to the /api/v1/document-store/loader/process endpoint at the firewall or reverse proxy level and enforce authentication before reaching the application.
Flowise application — versions indicated in the vendor's references (affects network-accessible instances without an additional authentication layer).
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XFlowiseai Flowise
APPFlowiseai≤ 3.1.3
Related vulnerabilities
RCE w Flowise — command injection przez endpoint Custom MCP
Flowise – Authentication Bypass przez niezabezpieczony endpoint rejestracji
Flowise – nieuwierzytelniony upload plików z path traversal umożliwiający RCE
Flowise – path traversal umożliwiający zapis/odczyt plików i RCE (bez uwierzytelnienia)
Flowise: niebezpieczna walidacja danych uwierzytelniających w endpoincie checkBasicAuth