CyberSecurity news
FlagThis - #langflow
|
info@thehackernews.com (The@The Hacker News
//
A new Flodrix botnet variant is actively targeting vulnerable Langflow AI servers by exploiting a critical remote code execution (RCE) vulnerability tracked as CVE-2025-3248. Langflow, a Python-based visual framework used for building artificial intelligence (AI) applications, contains a missing authentication vulnerability that enables unauthenticated attackers to execute arbitrary code via crafted HTTP requests. Cybersecurity researchers at Trend Micro have highlighted this ongoing campaign, revealing that attackers are leveraging the flaw to execute downloader scripts on compromised Langflow servers. These scripts then fetch and install the Flodrix malware, ultimately leading to full system compromise.
Trend Micro's analysis reveals that attackers are exploiting CVE-2025-3248, which has a CVSS score of 9.8, by using publicly available proof-of-concept (PoC) code to target unpatched, internet-exposed Langflow instances. The vulnerability lies in the lack of input validation or sandboxing within Langflow, allowing malicious payloads to be compiled and executed within the server's context. The downloader scripts retrieve the Flodrix botnet malware from a specified host and, once installed, Flodrix establishes communication with a remote server via TCP to receive commands for launching distributed denial-of-service (DDoS) attacks against targeted IP addresses. Flodrix also supports connections over the TOR anonymity network. The Flodrix botnet is considered an evolution of the LeetHozer botnet, linked to the Moobot group. This improved variant incorporates stealth techniques, including the ability to discreetly remove itself, minimize forensic traces, and obfuscate command-and-control (C2) server addresses, making analysis more challenging. Further enhancements include new, encrypted DDoS attack types. Organizations using Langflow are urged to immediately patch their systems to version 1.3.0 or later, which addresses CVE-2025-3248. Furthermore, implementing robust network monitoring is crucial to detect and mitigate any botnet activity resulting from this vulnerability.
Share:
References :
Classification:
@Talkback Resources
//
A critical security vulnerability in Langflow, an open-source platform used for building agentic AI workflows, is under active exploitation, prompting the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add the flaw to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, identified as CVE-2025-3248, carries a critical CVSS score of 9.8 out of 10, indicating its high severity. Organizations are being urged to immediately apply security updates and mitigation measures to prevent potential attacks.
The flaw is caused by a missing authentication vulnerability in the `/api/v1/validate/code` endpoint of Langflow. This allows unauthenticated remote attackers to execute arbitrary code through crafted HTTP requests. Specifically, the endpoint improperly invokes Python's built-in `exec()` function on user-supplied code without adequate authentication or sandboxing. This allows attackers to execute arbitrary commands on the server, potentially leading to full system compromise. The vulnerability affects most versions of Langflow and has been addressed in version 1.3.0, released on March 31, 2025. According to security researchers, the vulnerability is easily exploitable and allows unauthenticated remote attackers to take control of Langflow servers. There are currently 466 internet-exposed Langflow instances, with a majority of them located in the United States, Germany, Singapore, India, and China. While the specifics of real-world exploitation are not fully known, exploit attempts have been recorded against honeypots. Federal Civilian Executive Branch (FCEB) agencies have been given until May 26, 2025, to apply the necessary fixes.
Share:
References :
Classification: |