Cyber Web Spider Blog – News

FlowiseAI Password Reset Token Vulnerability Allows Account Takeover

Posted on September 15, 2025 By CWS

A critical vulnerability in FlowiseAI's Flowise platform has been disclosed: an authentication bypass in the password reset flow that lets an attacker take over any account with minimal effort.

The vulnerability, tracked as CVE-2025-58434, affects both the cloud service at cloud.flowiseai.com and self-hosted installations, making it a widespread security concern for organizations that use this AI agent-building platform.

Key Takeaways
1. A critical flaw in FlowiseAI exposes password reset tokens in API responses.
2. Both cloud and self-hosted deployments are affected.
3. Deploy WAF protection and restrict API access until official patches are available.

Password Reset Token Vulnerability

The vulnerability stems from a design flaw in the /api/v1/account/forgot-password endpoint, which returns sensitive authentication material in its API response instead of delivering it only through the user's email.

When anyone submits a password reset request for an account, the endpoint responds with the full user record, including the victim's tempToken and tokenExpiry timestamp. Because the token is handed directly to the requester, the intended email-based verification step is bypassed entirely.

Exploitation requires only the target's email address. The attacker sends a single POST request to the vulnerable endpoint, for example with curl (substituting the target host and victim address for the placeholders):

curl -i -X POST -H "Content-Type: application/json" -d '{"user":{"email":"<victim-email>"}}' https://<target-host>/api/v1/account/forgot-password

The server responds with a 201 Created status and the complete user object, including the tempToken required for the reset operation.

Once obtained, the exposed tempToken can be reused immediately against the /api/v1/account/reset-password endpoint to change the victim's credentials without any further verification.

This second request is another POST containing the victim's email, the intercepted tempToken, and the attacker's chosen password.

The server accepts it with a 200 OK response, completing the account takeover.

The vulnerability carries a CVSS 3.1 base score of 9.8 (Critical) with the vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H: exploitable over the network, no authentication, low attack complexity, no user interaction, and high impact on confidentiality, integrity, and availability.

This rating reflects the potential for widespread automated exploitation against both cloud and on-premises deployments.

The vulnerability was reported by security researchers Zaddy6 and Arthurgervais.

Risk factors            Details
Affected products       FlowiseAI Flowise
Impact                  Complete account takeover (ATO)
Exploit prerequisites   Target email address; network access to the /api/v1/account/forgot-password endpoint; no authentication required
CVSS 3.1 score          9.8 (Critical)

Mitigation

To address this flaw, FlowiseAI and self-hosted administrators should implement the following measures immediately:

  • Ensure that the /api/v1/account/forgot-password endpoint never discloses the tempToken, tokenExpiry, or any other account details in its HTTP response. Instead, return a generic message such as {"message":"If the email exists, you will receive reset instructions."} regardless of whether the email is registered, so that the endpoint cannot be used for account enumeration either.
  • Deliver password reset tokens only to the user's verified email address. The API should generate a one-time, unguessable tempToken, store it (preferably as a hash) server-side, and invalidate it on first use or after a short expiration period.
  • Validate requests to the /api/v1/account/reset-password endpoint: the presented tempToken must match the most recently generated token for the given email, must not have been used, and must not have expired. Binding the token to the client or IP that requested it is a further restriction, but it breaks the common case where the user opens the reset email on a different device or network; logging the requesting IP and alerting on a mismatch is safer than rejecting the request outright.
  • Log every password reset request with its source IP address and timestamp so that anomalous patterns, such as one address requesting resets for many accounts, can be detected.
  • Conduct a thorough code review of both the cloud and self-hosted deployment branches to confirm that no residual debug endpoints expose sensitive data.
  • Enforce strict rate limiting on both password reset endpoints to stop automated enumeration and brute-force attempts.
  • Plan a patch release (version 3.0.5) that includes all of the above fixes, with clear upgrade instructions.
  • Until the patch is available, place the application behind a Web Application Firewall (WAF) and restrict access to the API endpoints to known networks or authenticated channels only.

By eliminating direct token exposure and enforcing robust verification, rate limiting, and monitoring, organizations can reduce the risk of account takeover and preserve the integrity of user credentials.

Copyright © 2026 Cyber Web Spider Blog – News.