Full Report
Cybersecurity researchers have called attention to a new campaign that's actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. "Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware," Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed
Analysis Summary
# Vulnerability: Langflow RCE Exploited by Flodrix Botnet
## CVE Details
- CVE ID: CVE-2025-3248
- CVSS Score: 9.8 (Critical)
- CWE: Missing Authentication for Sensitive Function
## Affected Systems
- Products: Langflow (Python-based visual framework for building AI applications)
- Versions: Prior to 1.3.0
- Configurations: Internet-exposed instances.
## Vulnerability Description
CVE-2025-3248 is a critical missing authentication vulnerability within Langflow. Since the framework does not enforce input validation or sandboxing on inputs destined for execution, successful exploitation allows unauthenticated attackers to execute crafted HTTP requests that lead to Remote Code Execution (RCE) within the server's context.
## Exploitation
- Status: Exploited in the wild
- Complexity: Low
- Attack Vector: Network
- Narrative: Threat actors are leveraging publicly available Proof-of-Concept (PoC) code to target unpatched instances. The exploit executes downloader scripts that fetch and install the Flodrix botnet malware, which is then used to conduct DDoS attacks and perform reconnaissance.
## Impact
- Confidentiality: High (Enables execution of arbitrary code, allowing system traversal)
- Integrity: High (Allows remote code execution and installation of malware)
- Availability: High (Used to launch distributed denial-of-service (DDoS) attacks)
## Remediation
### Patches
- Langflow version 1.3.0 (Patched in March 2025) is available.
### Workarounds
- Restrict network access to Langflow instances to only trusted IP addresses.
- Implement robust WAF rules to block suspicious HTTP requests targeting the application entry points, if applicable.
## Detection
- Indicators of Compromise:
- Observation of network traffic originating from the compromised server attempting to connect to `80.66.75[.]121:25565` to fetch a shell script downloader.
- Discovery of unknown shell scripts performing file operations related to malware installation or persistence.
- System processes enumerating the `/proc` directory (a known behavior of the Flodrix variant discovered).
- Elevated outbound network traffic patterns indicative of DDoS participation.
- Detection methods and tools:
- Monitor network egress traffic for anomalous connections to known C2/download infrastructure.
- Endpoint Detection and Response (EDR) systems should look for the execution of unexpected shell scripts or binary invocations by the Langflow process.
## References
- Vendor advisory (Implied fix in v1.3.0)
- Trend Micro Technical Report: hxxps://www.trendmicro.com/en_us/research/25/f/langflow-vulnerability-flodric-botnet.html
- CISA Alert Flagging Active Exploitation: hxxps://thehackernews.com/2025/05/critical-langflow-flaw-added-to-cisa.html
- Public PoC Repository: hxxps://github.com/verylazytech/CVE-2025-3248