CVE-2025-71338

Flowise · Flowise

An unauthenticated path traversal vulnerability in the Flowise document-store loader allows attackers to write arbitrary files to the filesystem, facilitating remote code execution.

Executive summary

A critical, unauthenticated path traversal vulnerability in Flowise allows attackers to achieve remote code execution by overwriting sensitive system files.

Vulnerability

This is a path traversal vulnerability located in the /api/v1/document-store/loader/process endpoint. Because the fileName parameter is not sanitized, an unauthenticated attacker can supply values containing directory traversal sequences and overwrite critical application files to trigger arbitrary code execution.

Business impact

With a CVSS score of 10.0, this vulnerability represents the highest level of risk because it allows unauthenticated remote attackers to gain control over the host environment. Successful exploitation can lead to total system compromise, unauthorized data access, and potential lateral movement within the network.

Remediation

Immediate Action: Apply the latest security update provided by Flowise to disable the vulnerable file write path.

Proactive Monitoring: Inspect filesystem integrity for unauthorized changes to critical configuration files like package.json and monitor API logs for requests containing suspicious directory traversal patterns (e.g., ../).

Compensating Controls: Deploy a Web Application Firewall (WAF) with rules configured to block requests containing path traversal sequences directed at the document-store API endpoint.
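
The log monitoring described under Proactive Monitoring, as an added example that is not Flowise's code or part of the original advisory: a Node.js scan of request logs for traversal in fileName values sent to the document-store loader endpoint. The JSON-lines log format, its field names (ip, path, fileName) and the sample records are constructed assumptions.

```javascript
// Added example, not Flowise code. Log format and field names are constructed assumptions.
const ENDPOINT = '/api/v1/document-store/loader/process';

// Percent-decode repeatedly (bounded) so double-encoded input such as %252e%252e is seen.
function fullyDecode(value, maxRounds = 3) {
  let current = value;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try { next = decodeURIComponent(current); } catch { break; } // malformed escape: stop
    if (next === current) break;
    current = next;
  }
  return current;
}

// Returns a reason string when fileName looks like a traversal attempt, otherwise null.
function traversalReason(fileName) {
  if (typeof fileName !== 'string') return null;
  // Treat backslashes as separators so Windows-style sequences are caught too.
  const decoded = fullyDecode(fileName).replace(/\\/g, '/');
  if (decoded.startsWith('/') || /^[A-Za-z]:\//.test(decoded)) return 'absolute path';
  return decoded.split('/').includes('..') ? 'dot-dot segment' : null;
}

// Scans JSON-lines log text; returns one finding per suspicious request to ENDPOINT.
function scanLog(text) {
  const findings = [];
  for (const line of text.split('\n')) {
    let rec;
    try { rec = JSON.parse(line); } catch { continue; } // skip non-JSON lines
    if (!rec || rec.path !== ENDPOINT) continue;
    const reason = traversalReason(rec.fileName);
    if (reason) findings.push({ ip: rec.ip, fileName: rec.fileName, reason });
  }
  return findings;
}

// Constructed sample records (documentation IP ranges), serialized as JSON lines.
const SAMPLE_LOG = [
  { ip: '192.0.2.10', path: ENDPOINT, fileName: 'report.pdf' },
  { ip: '198.51.100.7', path: ENDPOINT, fileName: '../../package.json' },
  { ip: '198.51.100.7', path: ENDPOINT, fileName: '%252e%252e%252fpackage.json' },
  { ip: '198.51.100.8', path: ENDPOINT, fileName: '..\\package.json' },
  { ip: '192.0.2.11', path: ENDPOINT, fileName: 'docs/../notes.txt' },
  { ip: '192.0.2.12', path: '/api/v1/ping', fileName: '../ignored' },
].map((r) => JSON.stringify(r)).join('\n');

console.log(scanLog(SAMPLE_LOG));
```

Decoding before matching is what keeps a plain substring search for ../ from missing encoded or backslash variants; the same normalization applies to any WAF rule written for this endpoint.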

Exploitation status

Public Exploit Available: No

Analyst recommendation

Given the unauthenticated nature of this vulnerability and its critical impact, immediate remediation is required. Administrators should verify their current version against the vendor's security advisory and apply the necessary patches without delay to prevent unauthorized system access.