Description
Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
Published: 2026-02-10
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary code execution via uploaded backdoor
Action: Immediate Patch
AI Analysis

Impact

Agentflow, a product from Flowring, contains an arbitrary file upload flaw that permits authenticated remote users to upload files that the server subsequently executes as code. The vulnerability is classified as CWE-434 (Unrestricted Upload of File with Dangerous Type), meaning the application fails to validate the type and content of uploaded files. When exploited, an attacker can deploy a web shell or other malicious payload to run arbitrary commands on the web server, fully compromising the confidentiality, integrity, and availability of the affected system.

Affected Systems

The affected product is Flowring Agentflow. No specific version numbers are listed in the available CNA data, so any deployed instance of Agentflow could be vulnerable unless the vendor has issued an update. Because no version information is available, administrators should assume that every installation requires assessment.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity, and the EPSS score, below 1 percent, indicates a low but non-zero probability of exploitation. The vulnerability is not currently catalogued in CISA's KEV list. Attackers would first need to obtain authenticated access to the Agentflow web interface, after which they can upload a malicious file, typically through an upload endpoint that does not validate file type or content. No public exploits are documented, but the description confirms that an uploaded web shell can be executed.

Generated by OpenCVE AI on April 17, 2026 at 20:52 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Apply any vendor‑issued patch or upgrade to the latest stable release of Agentflow as soon as possible.
  • Restrict the upload endpoint to accept only approved MIME types and file extensions, and enforce strict content checks before storage.
  • Configure the web server to prevent execution permissions on the upload directory, ensuring uploaded files cannot be run as code.
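An added illustration of the second and third actions above, written in Python; it is not Flowring's code and not part of the OpenCVE record. The gate enforces an extension allowlist, checks the declared type against the file's magic bytes, rejects double extensions and path components, and stores accepted files under a random name with no execute bit in a directory that should sit outside the web root. The allowed types, size limit and sample inputs are assumptions.

```python
import os
import re
import secrets
from dataclasses import dataclass

# Allowlist: permitted extension -> magic bytes the content must begin with.
# Anything absent here (.jsp, .php, .aspx, .war, ...) is refused outright.
ALLOWED_TYPES = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "pdf": (b"%PDF-",),
}
# One base name, exactly one extension: blocks "shell.jsp.png" and "../" tricks.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_-]{1,64}\.[A-Za-z0-9]{1,5}$")
MAX_BYTES = 5 * 1024 * 1024  # assumed size limit

@dataclass
class Verdict:
    accepted: bool
    reason: str
    stored_name: str = ""  # server-chosen name, never the client's

def validate_upload(filename: str, content: bytes) -> Verdict:
    """Decide whether an upload may be stored and under which server-side name."""
    if os.path.basename(filename) != filename or not SAFE_NAME.match(filename):
        return Verdict(False, "unsafe filename")
    ext = filename.rsplit(".", 1)[1].lower()
    if ext not in ALLOWED_TYPES:
        return Verdict(False, f"extension .{ext} not in allowlist")
    if not content or len(content) > MAX_BYTES:
        return Verdict(False, "empty or oversized upload")
    if not any(content.startswith(magic) for magic in ALLOWED_TYPES[ext]):
        # Declared type must match real content: a script body named *.png fails here.
        return Verdict(False, "content does not match declared type")
    # Random name: the uploader cannot predict where (or whether) the file landed.
    return Verdict(True, "ok", f"{secrets.token_hex(16)}.{ext}")

def store(verdict: Verdict, content: bytes, upload_dir: str) -> str:
    """Write an accepted upload into upload_dir, which must live outside the web root."""
    if not verdict.accepted:
        raise ValueError(verdict.reason)
    path = os.path.join(upload_dir, verdict.stored_name)
    # O_EXCL never overwrites an existing file; mode 0o600 grants no execute bit.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(content)
    return path
```

The directory passed to store() must additionally have no script handler mapped to it in the web server, so that even a file that slips through is served as static data rather than executed.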


Advisories

No advisories yet.

History

Fri, 13 Feb 2026 21:00:00 +0000

Type: CPEs
Values Added: cpe:2.3:a:flowring:agentflow:-:*:*:*:*:*:*:*

Tue, 10 Feb 2026 16:15:00 +0000

Type: Metrics
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 10 Feb 2026 12:45:00 +0000

Type: First Time appeared
Values Added: Flowring; Flowring agentflow

Type: Vendors & Products
Values Added: Flowring; Flowring agentflow

Tue, 10 Feb 2026 07:15:00 +0000

Type: Description
Values Added: Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

Type: Title
Values Added: Flowring|Agentflow - Arbitrary File Upload

Type: Weaknesses
Values Added: CWE-434

Type: References

Type: Metrics
Values Added: cvssV3_1 {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}
Values Added: cvssV4_0 {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: twcert

Published:

Updated: 2026-02-10T15:39:41.776Z

Reserved: 2026-02-06T11:02:49.215Z

Link: CVE-2026-2097

Vulnrichment

Updated: 2026-02-10T15:39:36.856Z

NVD

Status : Analyzed

Published: 2026-02-10T07:16:14.303

Modified: 2026-02-13T20:51:42.637

Link: CVE-2026-2097

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T21:00:12Z

Weaknesses