CVE-2024-36420

Severity: HIGH · Nuclei template available · Lab available

Flowise 1.4.3 - Arbitrary File Read via OpenAI Assistants File Endpoint


Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-36420, a PoC published by fineman999. A Nuclei detection template is also available.

AI-analyzed exploit summary: This repository contains a functional Nuclei template and a Docker-based lab for CVE-2024-36420, an arbitrary file read vulnerability in Flowise 1.4.3 via the unsanitized fileName parameter of the /api/v1/openai-assistants-file endpoint. The PoC includes detailed reproduction steps and validation against both vulnerable and patched versions.

Description

Flowise is a drag-and-drop user interface for building customized large language model (LLM) flows. In Flowise 1.4.3, the `/api/v1/openai-assistants-file` endpoint in `index.ts` is vulnerable to arbitrary file read because the `fileName` body parameter is used without sanitization: a supplied name containing traversal sequences escapes the directory the endpoint is meant to serve from, and the server returns the contents of whatever file the resulting path points at. No known patches for this issue are available (per the CVE record).
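The following TypeScript is an added example, not Flowise's source code: it models the shape of handler the description implies (an untrusted `fileName` joined onto a base directory) next to a hardened resolver, and shows on constructed request bodies why the former reads `/etc/passwd` while the latter rejects the same input. The base directory `BASE_DIR`, the function names and the sample bodies are assumptions for the example; Node's `path.posix` functions are used explicitly so results do not depend on the host platform.

```typescript
import * as path from "node:path";

// Directory the endpoint is meant to serve files from. This location is an
// assumption for the example; the real install path is not given on the page.
export const BASE_DIR = "/srv/flowise/.flowise/openai-assistant";

// POSIX path functions are used explicitly so the results are the same on
// every platform the example is run on.
const p = path.posix;

// Vulnerable shape: the request's fileName is joined directly onto BASE_DIR.
// path.join normalizes ".." segments, so a name such as "../../../../etc/passwd"
// resolves to a path outside BASE_DIR, and the server would stream that file.
export function resolveUnsafe(fileName: string): string {
  return p.join(BASE_DIR, fileName);
}

// True when a resolved path lies outside BASE_DIR (or is BASE_DIR itself).
// The ".." checks are segment-aware so a file literally named "..cache" is
// still treated as inside the directory.
export function escapesBase(resolved: string): boolean {
  const rel = p.relative(BASE_DIR, resolved);
  return rel === "" || rel === ".." || rel.startsWith("../") || p.isAbsolute(rel);
}

// Hardened shape: accept only a single path component, then confirm the
// resolved path is still under BASE_DIR. Returns null for anything rejected.
export function resolveSafe(fileName: unknown): string | null {
  if (typeof fileName !== "string" || fileName.length === 0) return null;
  if (fileName.includes("\0")) return null;               // NUL truncation
  if (/[\\/]/.test(fileName)) return null;                 // any separator, either style
  if (fileName === "." || fileName === "..") return null;  // bare dot segments
  if (fileName !== p.basename(fileName)) return null;      // must be one component
  const resolved = p.resolve(BASE_DIR, fileName);
  return escapesBase(resolved) ? null : resolved;          // defence in depth
}

// Constructed request bodies for the demonstration, not captured traffic.
const samples: Array<{ fileName: unknown }> = [
  { fileName: "assistant-output.txt" },
  { fileName: "../../../../etc/passwd" },
  { fileName: "/etc/passwd" },
  { fileName: "..\\..\\windows\\win.ini" },
  { fileName: 42 },
];

for (const body of samples) {
  const f = body.fileName;
  const unsafe = typeof f === "string" ? resolveUnsafe(f) : "(not a string)";
  const escaped = typeof f === "string" ? escapesBase(unsafe) : false;
  console.log(
    `${String(f).padEnd(28)} unsafe -> ${unsafe}  escapes=${escaped}  safe -> ${resolveSafe(f)}`
  );
}
```

The first check alone (one path component, no separators, no dot segments) is what closes the hole; `escapesBase` is kept as a second line so that a future change to how the path is built cannot silently reopen it.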

Exploits (1)

GitHub · Working PoC
by fineman999 · PoC
https://github.com/fineman999/POC_CVE-2024-36420


Classification
Working PoC (95% confidence)
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Flowise 1.4.3
No auth needed
Prerequisites: Docker environment · Nuclei for template validation
Analyzed by devstral-2 on May 19, 2026

Nuclei Templates (1)

Flowise 1.4.3 - Arbitrary File Read
HIGH · VERIFIED · by fineman999

Scores

CVSS v3 7.5
EPSS 0.5749
EPSS Percentile 98.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Lab Environment

COMMUNITY
Community Lab
docker pull flowiseai/flowise:1.4.3

Details

CWE
CWE-74 (as recorded; the behaviour described, an unsanitized file name escaping the intended directory, is path traversal, CWE-22)
Status published
Products (2)
flowiseai/flowise 1.4.3
npm/flowise (npm package)
Published Jul 01, 2024
Tracked Since Feb 18, 2026