| 제목 | Langflow <= 1.1.0 Unrestricted Upload of File with Dangerous Type |
|---|
| 설명 | # Technical Details
An unauthenticated arbitrary file upload vulnerability exists in Langflow due to a deprecated "zombie" API endpoint that remains active. The `/api/v1/upload/{flow_id}` endpoint fails to implement any authentication or ownership validation, allowing any remote user to arbitrarily upload files directly to the server's disk.
# Vulnerable Code
File: `src/backend/base/langflow/api/v1/endpoints.py`
Method: `create_upload_file` (Route: `/upload/{flow_id}`)
Why: The route is marked as `deprecated=True` but still functional. Unlike the new secure API routes (which properly use `Depends(get_current_active_user)` and `Depends(get_flow)`), this deprecated endpoint simply lacks FastAPI dependency injection for authentication checks, processing the uploaded `UploadFile` unauthenticated.
# Reproduction
1. An unauthenticated remote attacker starts an HTTP client.
2. The attacker generates a random UUID as a dummy `flow_id`.
3. The attacker issues a POST request to `http://<target-langflow-server>:7860/api/v1/upload/<dummy_flow_id>` uploading a dummy file.
4. The server accepts the upload, responds with HTTP 201 Created, and saves the file permanently on the host's filesystem without ever challenging for credentials.
# Impact
- Denial of Service (DoS) through disk exhaustion (uploading massive files).
- Inode exhaustion (uploading massive numbers of small files).
- The server can be abused as malicious file hosting infrastructure by remote attackers.
|
|---|
| 원천 | ⚠️ https://gist.github.com/chenhouser2025/c2aabfdee41009cfe45d28a9924742a0 |
|---|
| 사용자 | Eric-d (UID 96861) |
|---|
| 제출 | 2026. 03. 28. PM 02:34 (23 날 ago) |
|---|
| 모더레이션 | 2026. 04. 19. PM 03:47 (22 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 358231 [langflow-ai langflow 까지 1.1.0 API Endpoint endpoints.py create_upload_file 권한 상승] |
|---|
| 포인트들 | 20 |
|---|