CVE-2025-57749 – A symlink traversal vulnerability in n8n's Read... (How to Fix)

Q: What is the severity of CVE-2025-57749?

CVE-2025-57749 has a CVSS score of 6.5 (MEDIUM). A symlink traversal vulnerability in n8n's Read/Write File node allows attackers to bypass directory restrictions. By creating symbolic links, attackers can read from or write to otherwise inaccessible paths. Only self-hosted n8n instances are affected; n8n.cloud users are not impacted.

📋 TL;DR

A symlink traversal vulnerability in n8n's Read/Write File node allows attackers to bypass directory restrictions. By creating symbolic links, attackers can read from or write to otherwise inaccessible paths. Only self-hosted n8n instances are affected; n8n.cloud users are not impacted.

💻 Affected Systems

Products:

n8n

Versions: All versions before 1.106.0

Operating Systems: All platforms where n8n runs

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects self-hosted n8n instances; n8n.cloud users are not vulnerable.

📦 What is this software?

N8n by N8n

View all CVEs affecting N8n →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise through arbitrary file read/write, potentially leading to credential theft, data exfiltration, or remote code execution.

🟠

Likely Case

Unauthorized access to sensitive files (configuration files, credentials, application data) or modification of critical system files.

🟢

If Mitigated

Limited impact if proper access controls, network segmentation, and least privilege principles are enforced.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires attacker to have ability to create symlinks, which can be achieved through the Execute Command node or other means.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.106.0 or later

Vendor Advisory: https://github.com/n8n-io/n8n/security/advisories/GHSA-ggjm-f3g4-rwmm

Restart Required: No

Instructions:

1. Update n8n to version 1.106.0 or later using your package manager or deployment method. 2. Verify the update completed successfully. 3. No restart required for n8n itself, but ensure any dependent services are functioning correctly.

🔧 Temporary Workarounds

Restrict Execute Command Node Access

all

Limit or disable the Execute Command node to prevent symlink creation capability.

Implement File System Restrictions

all

Use operating system-level controls to restrict n8n's file system access to only necessary directories.

🧯 If You Can't Patch

Implement strict access controls on the Execute Command node to prevent unauthorized users from creating symlinks.
Deploy n8n in a containerized environment with read-only file systems or minimal file system access.

🔍 How to Verify

Check if Vulnerable:

Check n8n version; if it's below 1.106.0, the system is vulnerable.

Check Version:

npx n8n --version or check package.json version in n8n installation directory.

Verify Fix Applied:

Confirm n8n version is 1.106.0 or higher and test that symlink traversal attempts are properly blocked.

📡 Detection & Monitoring

Log Indicators:

Unusual file access patterns in n8n logs
Multiple failed attempts to access restricted directories
Symlink creation events in system logs

Network Indicators:

Unexpected outbound data transfers from n8n instance

SIEM Query:

source="n8n" AND (event="file_access" OR event="command_execution") AND (path CONTAINS "/etc/" OR path CONTAINS "/root/" OR path CONTAINS "/home/")

📊 Metadata

CVE ID: CVE-2025-57749

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-59

EPSS Score: 0.08% exploit probability (24.5th percentile)

Published: August 20, 2025

Last Updated: September 3, 2025

🔗 References

https://github.com/n8n-io/n8n/pull/17735 Patch
https://github.com/n8n-io/n8n/security/advisories/GHSA-ggjm-f3g4-rwmm Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-57749, you might also want to check these: