Unsupervised OS command execution leads to remote code execution by...

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls (RBAC). Furthermore, in Flowise versions before 3.0.1 the default installation operates without authentication unless explicitly configured. This combination allows unauthenticated network attackers to execute unsandboxed OS commands.

AI Analysis

The vulnerability allows unauthenticated network attackers to execute arbitrary OS commands on Flowise installations due to lack of authentication and role-based access controls in versions before 3.0.1.

Basic Information

ID CVE-2025-8943

Source JFROG

Published Aug 14, 2025 at 09:54

Affected Product

Affected Versions 0

AI Assessment

AI Score 9.8 / 10

AI Severity CRITICAL

Vendor Flowise

Product Flowise

Version before 3.0.1

References

research.jfrog.com /vulnerabilities/flowise-os-command-remote-code-execution-jfsa-2025-001380578/

{
    "lastseen": "",
    "description": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls (RBAC). Furthermore, in Flowise versions before 3.0.1 the default installation operates without authentication unless explicitly configured. This combination allows unauthenticated network attackers to execute unsandboxed OS commands.",
    "published": "2025-08-14T09:54:22.531Z",
    "modified": "2025-08-14T09:54:22.531Z",
    "type": "cve",
    "title": "Unsupervised OS command execution leads to remote code execution by unauthenticated network attackers",
    "source": "JFROG",
    "references": "https://research.jfrog.com/vulnerabilities/flowise-os-command-remote-code-execution-jfsa-2025-001380578/",
    "id": "CVE-2025-8943",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "  0",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "",
    "version": "0",
    "vendor": "",
    "ai_description": "The vulnerability allows unauthenticated network attackers to execute arbitrary OS commands on Flowise installations due to lack of authentication and role-based access controls in versions before 3.0.1.",
    "ai_severity": "CRITICAL",
    "ai_vendor": "Flowise",
    "ai_product": "Flowise",
    "ai_version": "before 3.0.1",
    "ai_score": 9.8
}

Unsupervised OS command execution leads to remote code execution by unauthenticated network attackers_CVE-2025-8943