Remote Code Execution Vulnerability in FlowiseAI Product
CVE-2024-31621

Currently unrated

Key Information:

Vendor: FlowiseAI Inc
Status: Flowise
Vendor: CVE Published:; 29 April 2024

What is CVE-2024-31621?

A security issue in FlowiseAI's Flowise product up to version 1.6.2 allows remote attackers to execute arbitrary code through a specially crafted script sent to the api/v1 endpoint. This vulnerability poses serious risks, as it enables attackers to leverage the flaw for malicious purposes, potentially compromising the integrity and security of affected systems.

References

https://flowiseai.com/

https://www.exploit-db.com/exploits/52001

EPSS Score

22% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 29, 2024

FlowiseAI Inc

What is CVE-2024-31621?

References

EPSS Score

Timeline