CVE-2024-58351: Flowise Remote Code Execution via Configuration Injection

Flowise versions prior to 2.1.4 are affected by CVE-2024-58351, a critical vulnerability allowing configuration injection leading to remote code execution (RCE) and sandbox escape. This flaw stems from the overrideConfig option, available in both the frontend web integration and the backend Prediction API, which is enabled by default without an allow-list for variables. Attackers can exploit this by injecting malicious configurations that bypass the vm2 sandbox, designed to isolate untrusted code. Successful exploitation grants the attacker the ability to execute arbitrary code on the underlying server, perform denial of service, conduct server-side request forgery (SSRF), inject prompts, and exfiltrate sensitive server data and variables. This vulnerability specifically impacts the Flowise instance under attack and does not inherently persist to other users.

Attack Chain

1. Initial Access: An attacker identifies a vulnerable Flowise instance exposing its frontend web integration or backend Prediction API (e.g., /api/v1/prediction, /api/v1/chat).
2. Configuration Injection: The attacker sends a crafted HTTP POST request to a vulnerable endpoint, embedding malicious JavaScript code or commands within the overrideConfig option.
3. VM2 Sandbox Bypass: The injected configuration exploits known vulnerabilities or bypass techniques within the vm2 JavaScript sandbox, which Flowise relies on for code isolation.
4. Remote Code Execution: The successful sandbox bypass allows the attacker to execute arbitrary operating system commands on the underlying server, breaking out of the confined vm2 environment.
5. Impactful Actions: The executed commands perform various malicious activities such as reading sensitive environment variables (e.g., process.env), accessing local system files (e.g., /etc/passwd), initiating Server-Side Request Forgery (SSRF) to internal network resources, or causing a Denial of Service (DoS) by crashing the Node.js process.
6. Data Exfiltration: If successful in reading sensitive data, the attacker may then exfiltrate this information to an external, attacker-controlled server.

Impact

Successful exploitation of CVE-2024-58351 can lead to a complete compromise of the Flowise server. Attackers can achieve remote code execution, allowing them to gain full control over the affected system. This includes the ability to steal sensitive data, modify system configurations, disrupt services through denial of service attacks, or pivot to other systems within the network via server-side request forgery. While the advisory notes these issues are "self-targeted" and do not persist to other users, the impact on the compromised Flowise instance and the data it processes is severe, potentially leading to significant data breaches or operational disruptions.

Recommendation

• Immediately upgrade Flowise to version 2.1.4 or higher to patch CVE-2024-58351.
• Deploy the Sigma rule "Detects CVE-2024-58351 Exploitation - Flowise Configuration Injection Attempt" to your web server logs to identify suspicious overrideConfig usage.
• Deploy the Sigma rule "Detects CVE-2024-58351 Exploitation - Suspicious Process Creation Post-RCE" to your endpoint detection and response (EDR) or system logs (e.g., Sysmon, Auditd) to detect post-exploitation activity.
• Enable comprehensive logging for web server access (e.g., HTTP request bodies, URIs) and process creation events on servers hosting Flowise instances.