Vulnerabilites related to infiniflow - ragflow
cve-2025-25282
Vulnerability from cvelistv5
Published
2025-02-21 21:04
Modified
2025-02-21 21:04
Severity ?
EPSS score ?
Summary
RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine based on deep document understanding. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability that may lead to unauthorized cross-tenant access (list tenant user accounts, add user account into other tenant). Unauthorized cross-tenant access: list user from other tenant (e.g., via GET /<tenant_id>/user/list), add user account to other tenant (POST /<tenant_id>/user). This issue has not yet been patched. Users are advised to reach out to the project maintainers to coordinate a fix.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/infiniflow/ragflow/security/advisories/GHSA-wc5v-g79p-7hch | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| infiniflow | ragflow |
Version: <= 0.13.0 |
{
"containers": {
"cna": {
"affected": [
{
"product": "ragflow",
"vendor": "infiniflow",
"versions": [
{
"status": "affected",
"version": "\u003c= 0.13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine based on deep document understanding. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability that may lead to unauthorized cross-tenant access (list tenant user accounts, add user account into other tenant). Unauthorized cross-tenant access: list user from other tenant (e.g., via GET /\u003ctenant_id\u003e/user/list), add user account to other tenant (POST /\u003ctenant_id\u003e/user). This issue has not yet been patched. Users are advised to reach out to the project maintainers to coordinate a fix."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639: Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-21T21:04:46.348Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/infiniflow/ragflow/security/advisories/GHSA-wc5v-g79p-7hch",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/infiniflow/ragflow/security/advisories/GHSA-wc5v-g79p-7hch"
}
],
"source": {
"advisory": "GHSA-wc5v-g79p-7hch",
"discovery": "UNKNOWN"
},
"title": "Potential Insecure Direct Object Reference (IDOR) vulnerability in ragflow"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-25282",
"datePublished": "2025-02-21T21:04:34.731Z",
"dateReserved": "2025-02-06T17:13:33.121Z",
"dateUpdated": "2025-02-21T21:04:46.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-10131
Vulnerability from cvelistv5
Published
2024-10-19 03:50
Modified
2024-10-22 19:11
Severity ?
EPSS score ?
Summary
The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote code execution (RCE) vulnerability. The function uses user-supplied input `req['llm_factory']` and `req['llm_name']` to dynamically instantiate classes from various model dictionaries. This approach allows an attacker to potentially execute arbitrary code due to the lack of comprehensive input validation or sanitization. An attacker could provide a malicious value for 'llm_factory' that, when used as an index to these model dictionaries, results in the execution of arbitrary code.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| infiniflow | infiniflow/ragflow |
Version: unspecified < |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:infiniflow:ragflow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ragflow",
"vendor": "infiniflow",
"versions": [
{
"status": "affected",
"version": "0.11.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10131",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T19:10:44.499664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T19:11:02.208Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "infiniflow/ragflow",
"vendor": "infiniflow",
"versions": [
{
"lessThanOrEqual": "latest",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote code execution (RCE) vulnerability. The function uses user-supplied input `req[\u0027llm_factory\u0027]` and `req[\u0027llm_name\u0027]` to dynamically instantiate classes from various model dictionaries. This approach allows an attacker to potentially execute arbitrary code due to the lack of comprehensive input validation or sanitization. An attacker could provide a malicious value for \u0027llm_factory\u0027 that, when used as an index to these model dictionaries, results in the execution of arbitrary code."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T16:59:36.564Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/42ae0b27-e851-4b58-a991-f691a437fbaa"
}
],
"source": {
"advisory": "42ae0b27-e851-4b58-a991-f691a437fbaa",
"discovery": "EXTERNAL"
},
"title": "Remote Code Execution in infiniflow/ragflow"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-10131",
"datePublished": "2024-10-19T03:50:09.553Z",
"dateReserved": "2024-10-18T14:55:10.088Z",
"dateUpdated": "2024-10-22T19:11:02.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2024-10-19 04:15
Modified
2024-11-01 17:12
Severity ?
Summary
The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote code execution (RCE) vulnerability. The function uses user-supplied input `req['llm_factory']` and `req['llm_name']` to dynamically instantiate classes from various model dictionaries. This approach allows an attacker to potentially execute arbitrary code due to the lack of comprehensive input validation or sanitization. An attacker could provide a malicious value for 'llm_factory' that, when used as an index to these model dictionaries, results in the execution of arbitrary code.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@huntr.dev | https://huntr.com/bounties/42ae0b27-e851-4b58-a991-f691a437fbaa | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| infiniflow | ragflow | 0.11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infiniflow:ragflow:0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CFDFA2-0908-48AA-B613-BC2B0FB248BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote code execution (RCE) vulnerability. The function uses user-supplied input `req[\u0027llm_factory\u0027]` and `req[\u0027llm_name\u0027]` to dynamically instantiate classes from various model dictionaries. This approach allows an attacker to potentially execute arbitrary code due to the lack of comprehensive input validation or sanitization. An attacker could provide a malicious value for \u0027llm_factory\u0027 that, when used as an index to these model dictionaries, results in the execution of arbitrary code."
},
{
"lang": "es",
"value": "La funci\u00f3n `add_llm` en `llm_app.py` en infiniflow/ragflow versi\u00f3n 0.11.0 contiene una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE). La funci\u00f3n utiliza la entrada proporcionada por el usuario `req[\u0027llm_factory\u0027]` y `req[\u0027llm_name\u0027]` para instanciar din\u00e1micamente clases de varios diccionarios de modelos. Este enfoque permite a un atacante ejecutar c\u00f3digo arbitrario debido a la falta de una validaci\u00f3n o desinfecci\u00f3n integral de la entrada. Un atacante podr\u00eda proporcionar un valor malicioso para \u0027llm_factory\u0027 que, cuando se utiliza como \u00edndice para estos diccionarios de modelos, da como resultado la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2024-10131",
"lastModified": "2024-11-01T17:12:26.297",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "security@huntr.dev",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-19T04:15:05.300",
"references": [
{
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://huntr.com/bounties/42ae0b27-e851-4b58-a991-f691a437fbaa"
}
],
"sourceIdentifier": "security@huntr.dev",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "security@huntr.dev",
"type": "Primary"
}
]
}