216.73.217.139

Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet

· Published 18/06/2025 17:46 · Modified 23/06/2025 20:10

Export JSON

Essential information

Published
18/06/2025 17:46
Modified
23/06/2025 20:10
Tags
2025-06-18 CVE-2025-3248 botnet ddos exploit flodrix langflow rce
Related entities
41 observables, 11 techniques (mitre)

Description

An active campaign is exploiting , a critical vulnerability in versions before 1.3.0, to deliver the . Attackers use the flaw to execute downloader scripts on compromised servers, which then fetch and install the malware. The vulnerability allows full system compromise, attacks, and potential data exfiltration. Organizations using vulnerable versions on public networks are at high risk. The attack chain involves reconnaissance, exploitation of the CVE, deployment of a downloader script, and execution of the payload. The malware employs anti-forensic techniques and can perform various attacks based on commands from its C&C server.

External references