This Python-based scanner automates the detection of unauthenticated Remote Code Execution (RCE) vulnerabilities in Langflow instances via CVE-2025-3248. It uses a proof-of-concept payload that abuses the /api/v1/validate/code endpoint to execute arbitrary shell commands.
- CVE: CVE-2025-3248
- Impact: Unauthenticated Remote Code Execution
- Component: Langflow API (`/api/v1/validate/code`)
- Exploit: Injection via dynamic code evaluation
- Risk: Critical
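
On the defensive side, requests to this endpoint show up in reverse-proxy access logs. The following is an added example (not part of the scanner or the original README) that flags POSTs to `/api/v1/validate/code` per client address; the Combined Log Format, the sample lines and all function names are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from posixpath import normpath
from urllib.parse import unquote

ENDPOINT = "/api/v1/validate/code"  # endpoint named on this page

# Assumed log format: Combined Log Format as written by a reverse proxy.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Apr/2025:08:01:12 +0000] "GET /api/v1/flows HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Apr/2025:08:03:40 +0000] "POST /api/v1/validate/code HTTP/1.1" 200 143 "-" "python-requests/2.31.0"',
    '198.51.100.7 - - [10/Apr/2025:08:03:41 +0000] "POST /api/v1/%76alidate/code/?x=1 HTTP/1.1" 200 143 "-" "python-requests/2.31.0"',
    '203.0.113.5 - - [10/Apr/2025:09:15:02 +0000] "POST /api/v1/validate/code HTTP/1.1" 401 61 "-" "curl/8.5.0"',
    '192.0.2.10 - - [10/Apr/2025:09:20:00 +0000] "POST /api/v1/flows/ HTTP/1.1" 200 80 "-" "Mozilla/5.0"',
]

def normalized_path(target):
    """Drop the query string, decode percent-escapes, collapse ./.. and extra slashes."""
    path = unquote(target.split("?", 1)[0])
    return normpath("/" + path.lstrip("/"))

def find_hits(lines):
    """Return {client_ip: [(timestamp, status), ...]} for POSTs to ENDPOINT."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if normalized_path(m["target"]) == ENDPOINT:
            hits[m["ip"]].append((m["ts"], int(m["status"])))
    return dict(hits)

def accepted_sources(hits):
    """Clients that got at least one 2xx reply: the request was processed, triage these first."""
    return sorted(ip for ip, seen in hits.items() if any(200 <= s < 300 for _, s in seen))

if __name__ == "__main__":
    hits = find_hits(SAMPLE_LOG)
    for ip, seen in hits.items():
        print(ip, seen)
    print("processed (2xx):", accepted_sources(hits))
```
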
- Batch scan multiple targets from a file
- Multi-threaded for fast performance
- Validates RCE by checking for expected command output (e.g., `uid=`)
- Outputs vulnerable targets to `vuln.txt`
- Clean, modular code structure
- Python 3.x
- `requests` library
Install dependencies:
pip install requests
- Add targets (with or without http(s)://) to targets.txt, one per line:
http://example.com
192.168.1.100:7860
https://target.net
- Run the script:
python3 scanner.py
- Check vuln.txt for successful exploitation results:
http://vulnerable-target.com | uid=1000(user) gid=1000(user) groups=1000(user)
Modify the following values at the top of the script as needed:
- `COMMAND`: Shell command to execute (default: `id`)
- `EXPECTED_SUBSTRING`: Substring to confirm execution (default: `uid=`)
- `THREADS`: Number of concurrent threads (default: 20)
This tool is provided for educational and authorized security testing only. Unauthorized access to systems is illegal and unethical. You are solely responsible for your use of this code.
Exploit Author: ynsmroztas
Script Refactor: ill deed
MIT License - use responsibly.