CVE-2026-2097

8.8 HIGH

Published 2026-02-10 · Modified 2026-02-10 · Received

Quick Summary

An authenticated attacker can upload malicious files to the Agentflow server. This allows them to run any code they want, potentially taking full control of the system.

Who is affected

All users of Flowring's Agentflow software are affected. An attacker could steal data, disrupt operations, or use the server to launch further attacks.

Recommended fix

Apply the security patch provided by Flowring immediately. If a patch is not available, restrict network access to the application and implement strict file type validation for all uploads.

Technical Description

Agentflow, developed by Flowring, has an Arbitrary File Upload vulnerability that allows authenticated remote attackers to upload and execute web shell backdoors, enabling arbitrary code execution on the server.

CVSS Details

Attack Vector

NETWORK

Complexity

LOW

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-434
