CVE-2025-68478
Insecure File Write in Langflow Allows Arbitrary Path Overwrite

Publication date: 2025-12-19

Last updated on: 2025-12-19

Assigner: GitHub, Inc.

Description
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0, if an arbitrary path is specified in the request body's `fs_path`, the server serializes the Flow object into JSON and creates/overwrites a file at that path. There is no path restriction, normalization, or allowed directory enforcement, so absolute paths (e.g., /etc/poc.txt) are interpreted as is. Version 1.7.0 fixes the issue.
Affected Vendors & Products (1 associated CPE)

Vendor | Product | Version / Range
langflow | langflow | *
CWE

CWE-73: The product allows user input to control or influence paths or file names that are used in filesystem operations.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in Langflow (prior to version 1.7.0) allows an authenticated user to specify an arbitrary file system path via the `fs_path` parameter in a request. The server then serializes a Flow object into JSON and writes it directly to that path without any validation, normalization, or directory restrictions. This means users can overwrite files anywhere the server has permission, including critical system or application files, leading to potential disruption or further attacks. [1]


How can this vulnerability impact me?

The vulnerability can lead to arbitrary file overwrite on the server, which may disrupt application behavior by overwriting configuration, log, or task files. Although it requires authentication, the attack complexity is low and no user interaction is needed. This can enable further attacks or denial of service by corrupting important files, impacting the integrity and availability of the system. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring requests to the Langflow server's create_flow endpoint for the presence of the `fs_path` parameter containing arbitrary or absolute file system paths. Since authentication is required, inspecting authenticated API requests for unusual or unexpected file paths (e.g., absolute paths like /etc/poc.txt) can indicate exploitation attempts. Additionally, checking for unexpected file creations or modifications on the file system, especially in sensitive directories, can help detect exploitation. Specific commands might include using network traffic analysis tools (e.g., tcpdump, Wireshark) to capture HTTP requests and grep for `fs_path` parameters, or using file system monitoring tools (e.g., inotifywait on Linux) to watch for file writes in critical directories. Example commands:

1) `tcpdump -A -s 0 'tcp port 80 or tcp port 443' | grep fs_path` to capture HTTP requests and match the `fs_path` parameter (this only works for plaintext HTTP; TLS traffic on port 443 has to be inspected at a TLS-terminating proxy or in the application's own request logs).

2) `inotifywait -m /etc /var /tmp` to monitor file changes in common directories targeted by the vulnerability. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include upgrading Langflow to version 1.7.0 or later, where the vulnerability is fixed. If upgrading is not immediately possible, restrict access to the vulnerable create_flow endpoint by limiting who holds authentication credentials and which networks can reach it. Implement strict validation and normalization of the `fs_path` parameter to enforce a root save directory and block absolute or traversal paths. Additionally, minimize file system permissions for the Langflow server process to prevent unauthorized file overwrites and block symlink traversal. Monitoring and alerting on suspicious file writes can also help mitigate impact until a full fix is applied. [1]
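As an added illustration of the validation step described above (example code, not Langflow's own fix), the following Python confines a user-supplied `fs_path` to a fixed save directory before the serialized flow is written; the root directory `/srv/langflow/flows` and the function names are assumptions.

```python
import json
from pathlib import Path, PureWindowsPath


class UnsafePathError(ValueError):
    """Raised when the requested fs_path would leave the save directory."""


def safe_flow_path(root, fs_path: str) -> Path:
    """Map a client-supplied fs_path to an absolute path inside `root`.

    Rejects absolute paths (POSIX and Windows forms), drive letters,
    '..' components, non-.json names, and symlinks that resolve outside
    `root`. Returns the confined absolute Path on success.
    """
    posix = Path(fs_path)
    win = PureWindowsPath(fs_path)
    if posix.is_absolute() or win.is_absolute() or win.drive:
        raise UnsafePathError(f"absolute path rejected: {fs_path!r}")
    # Check components under both path conventions so 'a\\..\\b' is caught
    # even on a POSIX host, where the backslash is not a separator.
    if not posix.parts or ".." in posix.parts or ".." in win.parts:
        raise UnsafePathError(f"traversal rejected: {fs_path!r}")
    if posix.suffix != ".json":
        raise UnsafePathError("flow files must end in .json")
    root_resolved = Path(root).resolve()
    # resolve() follows existing symlinks, so a link planted under root
    # that points elsewhere is caught here rather than at write time.
    target = (root_resolved / posix).resolve()
    try:
        target.relative_to(root_resolved)
    except ValueError:
        raise UnsafePathError(f"path escapes save directory: {fs_path!r}") from None
    return target


def is_confined(root, fs_path: str) -> bool:
    """True if fs_path passes safe_flow_path, False if it is rejected."""
    try:
        safe_flow_path(root, fs_path)
        return True
    except UnsafePathError:
        return False


def write_flow(root, fs_path: str, flow: dict) -> Path:
    """Serialize `flow` to JSON at the confined location and return it."""
    target = safe_flow_path(root, fs_path)
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_text(json.dumps(flow, indent=2))
    return target
```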

