Flowinsight CVE-2025-32311 Command Injection Leading to Docker Container Escape

Summary of Command Injection and Docker Container Escape Vulnerabilities Vulnerability Overview Title: Command Injection and Docker container escape allows root on host machine Published by: dextermorgan Published time: 9 hours ago CVE ID: CVE-2025-32311 Severity: Critical (严重) Description: Flowinsight allows users to create investigations for managing sketches and analysis. Sketches contain information about OSINT targets (usernames, websites, etc.) and relationships between nodes. Nodes can have automated processes executed on nodes called “transformers”. A remote attacker can create a sketch, then trigger the “org_to_asn” transformation to execute arbitrary OS commands on organization nodes, thereby executing commands on the host with root privileges. Details: An attacker can achieve arbitrary command execution via command substitution using the syntax. The following code snippet exists at lines 64–70 in : In the execution path, the “name” parameter is controlled by the user in the POST request to . Since the command is executed with and contains interpolated variables, it is vulnerable to command injection. Once a shell is established via command injection, the Docker socket is mounted inside the container, allowing the attacker to escape the container with root privileges in a new Docker container and mount the host filesystem. Impact Scope The attacker gains root access to the host running Flowinsight, resulting in complete system compromise. This allows the attacker to: Compromise the confidentiality of sensitive data Potentially cause service disruption Infect the host with malware Perform any other malicious actions Remediation Affected versions: <859315731c0f5f8fdf7e4cd0 v1.2.3, 2d3bfe291b230d057 Fixed version: 2d3bfe291b230d057 POC Code

Goal Reached Thanks to every supporter — we hit 100%!

Flowinsight CVE-2025-32311 Command Injection Leading to Docker Container Escape

More from this source