Fatihhcelik

**Name of the Vulnerable Software and Affected Versions** n8n versions prior to 2.2.0 n8n versions prior to 1.123.8 **Description** n8n is an open source workflow automation platform. An authenticated user with permission to create or modify workflows could chain the Read/Write Files from Disk node with git operations to achieve remote code execution. By writing to specific configuration files and then triggering a git operation, an attacker could execute arbitrary shell commands on the n8n host. The issue involves the interaction between the Read/Write Files from Disk node and git operations, potentially allowing an attacker to manipulate configuration files and subsequently execute commands. The `Read/Write Files from Disk` node and git operations are involved in the exploitation process. **Recommendations** Upgrade to n8n version 2.2.0 or later. Upgrade to n8n version 1.123.8 or later. If upgrading is not immediately possible, limit workflow creation and editing permissions to fully trusted users only. If upgrading is not immediately possible, disable the Read/Write Files from Disk node by adding `n8n-nodes-base.readWriteFile` to the `NODES EXCLUDE` environment variable.

**Name of the Vulnerable Software and Affected Versions** n8n versions prior to 1.123.17 n8n versions prior to 2.5.2 **Description** n8n is an open-source workflow automation platform. An authenticated user with permission to create or modify workflows can exploit crafted expressions in workflow parameters to trigger system command execution on the host running n8n. This allows for potential full server compromise, including the theft of API keys, credentials, and secrets. The issue stems from an expression escape vulnerability and incomplete AST-based sanitization. Public exploits are available. **Recommendations** Upgrade to n8n version 1.123.17 or later. Upgrade to n8n version 2.5.2 or later. As a temporary workaround, limit workflow creation and editing permissions to fully trusted users only. Deploy n8n in a hardened environment with restricted operating system privileges and network access.

**Name of the Vulnerable Software and Affected Versions** n8n versions prior to 1.123.10 n8n versions prior to 2.5.0 **Description** n8n, an open source workflow automation platform, contains a flaw in the Git node. This allows authenticated users with create or modify permissions for workflows to execute arbitrary system commands or read arbitrary files on the n8n host. The issue impacts systems where users have the ability to create or modify workflows. No information is available regarding the number of potentially affected devices worldwide or any real-world incidents of exploitation. The Git node is a component used for interacting with Git repositories. The `Git node` allows users to perform actions such as cloning, pulling, and pushing changes to Git repositories. **Recommendations** Upgrade to n8n version 1.123.10 or later. Upgrade to n8n version 2.5.0 or later. If upgrading is not immediately possible, limit workflow creation and editing permissions to fully trusted users only. If upgrading is not immediately possible, restrict or disable access to the Git node if it is not essential for operations. If upgrading is not immediately possible, deploy n8n in a hardened environment with restricted operating system privileges and network access.

**Name of the Vulnerable Software and Affected Versions** n8n versions prior to 2.10.1 n8n versions prior to 2.9.3 n8n versions prior to 1.123.22 **Description** n8n, an open source workflow automation platform, contains a critical Remote Code Execution (RCE) issue in its workflow expression evaluation system. An authenticated user with permission to create or modify workflows can exploit crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n. Successful exploitation could lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. The issue stems from insufficient isolation of the expression evaluation context from the underlying runtime. **Recommendations** Upgrade to n8n version 2.10.1 or later. Upgrade to n8n version 2.9.3 or later. Upgrade to n8n version 1.123.22 or later. As a temporary workaround, limit workflow creation and editing permissions to fully trusted users only. As a temporary workaround, deploy n8n in a hardened environment with restricted operating system privileges and network access.

**Name of the Vulnerable Software and Affected Versions** n8n versions 0.211.0 through 1.120.3 n8n versions 1.121.0 through 1.121.0 n8n versions 1.122.0 (affected versions not specified) **Description** n8n contains a Remote Code Execution (RCE) flaw in its workflow expression evaluation system. Under certain conditions, expressions provided by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. This allows an authenticated attacker to execute arbitrary code with the privileges of the n8n process, potentially leading to full instance compromise, unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. There are over 24,700 publicly accessible unpatched instances worldwide, primarily in North America and Europe. Real-world exploitation has been observed involving the Zerobot botnet hijacking automated workflows for malicious command execution. **Recommendations** Update to versions 1.120.4, 1.121.1, or 1.122.0. Limit workflow creation and editing permissions to fully trusted users only. Deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation.