CVE-2025-61687
Published: 06 October 2025
Description
Adversaries may abuse various implementations of JavaScript for execution. (This is the MITRE ATT&CK description of T1059.007, Command and Scripting Interpreter: JavaScript, one of the techniques mapped to this CVE in the ATT&CK section further down.)
Security Summary
CVE-2025-61687 is a file upload vulnerability in version 3.0.7 of FlowiseAI, an open-source drag-and-drop user interface for building customized large language model (LLM) flows. The issue stems from inadequate validation during file uploads, as the system fails to check file extensions, MIME types, or file content. This allows authenticated users to upload arbitrary files, including malicious Node.js web shells, which are persistently stored on the server. The vulnerability is rated high severity with a CVSS v3.1 base score of 8.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H) and is associated with CWE-434 (Unrestricted Upload of File with Dangerous Type).
An authenticated attacker with low privileges can exploit the flaw remotely and with low complexity by uploading a Node.js web shell through the affected upload endpoints. The shell persists on the server. It does not run on upload, but if something later loads or serves it as code (an administrator's mistake, a chained vulnerability), it exposes HTTP endpoints that run arbitrary commands, giving remote code execution (RCE) with high impact to integrity and availability and low impact to confidentiality.
No patched version of FlowiseAI was available as of the CVE's publication on 2025-10-06T16:15:35.223. The vulnerable code resides in the FlowiseAI GitHub repository in packages/components/src/storageUtils.ts (lines 1104-1111, 170-175, and 533-541), packages/server/src/controllers/attachments/index.ts (lines 4-11) and packages/server/src/routes/attachments/index.ts (line 8). Practitioners should audit these locations, restrict which accounts may upload, and validate every upload by extension allowlist, MIME type and file content until an official fix is released.
Details
- CWE(s): CWE-434 (Unrestricted Upload of File with Dangerous Type)
Affected Products
- FlowiseAI 3.0.7 (no fixed version listed at publication)
AI Security Analysis
- AI Category: AI Agent Protocols and Integrations
- Risk Domain
- Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025: None mapped
- MITRE ATLAS Techniques: None mapped
- Classification Reason: Flowise is a drag & drop user interface platform for building customized large language model (LLM) flows, fitting as an AI platform for LLM orchestration and deployment.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Arbitrary file upload without validation lets an attacker bring a Node.js web shell onto the server through the upload endpoint (T1105, Ingress Tool Transfer), leave it there as a persistent access point (T1100, Web Shell; note that ATT&CK has deprecated T1100 in favour of T1505.003, Server Software Component: Web Shell), and, once the shell is triggered, run JavaScript-based commands (T1059.007, Command and Scripting Interpreter: JavaScript).