CVE-2025-68668
📋 TL;DR
This CVE describes a sandbox bypass in n8n's Python Code Node that lets an authenticated user with permission to create or modify workflows execute arbitrary commands on the host system. It affects the n8n 1.x release line (1.0.0 up to, but not including, the 2.0.0 fix) and yields remote code execution with the same privileges as the n8n process.
💻 Affected Systems
- n8n
📦 What is this software?
n8n by n8n. n8n is a workflow automation platform; its Code Node lets workflow authors run JavaScript or Python inside a workflow. The Python mode of that node is the affected component.
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of the host system running n8n, allowing attackers to execute arbitrary commands, install malware, exfiltrate data, or pivot to other systems.
Likely Case
Authenticated attackers with workflow permissions gain shell access to the n8n host, potentially leading to data theft, service disruption, or lateral movement.
If Mitigated
Limited impact if proper network segmentation, least privilege, and monitoring are in place, though any user who can edit workflows still gains command execution on the n8n host.
🎯 Exploit Status
Exploitation requires authenticated access but is straightforward once authentication is obtained. Public proof-of-concept exists in the referenced advisory.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.0.0
Vendor Advisory: https://github.com/n8n-io/n8n/security/advisories/GHSA-62r4-hw23-cc8v
Restart Required: Yes
Instructions:
1. Back up n8n configuration and data.
2. Update n8n to version 2.0.0 or later using your deployment method (Docker, npm, etc.).
3. Restart the n8n service.
4. Verify the update was successful.
🔧 Temporary Workarounds
Disable Python Code Node
Applies to: all
Removes the Code Node entirely, which disables the vulnerable Python mode but also the JavaScript mode, so any workflow that uses a Code Node will stop working.
export NODES_EXCLUDE='["n8n-nodes-base.code"]'
Disable Python Support
Applies to: all
Disables Python execution in the Code Node while keeping its other functionality.
export N8N_PYTHON_ENABLED=false
Enable Task Runner Sandbox
Applies to: all
Uses the more secure task-runner-based Python sandbox.
export N8N_RUNNERS_ENABLED=true
export N8N_NATIVE_PYTHON_RUNNER=true
🧯 If You Can't Patch
- Immediately implement workarounds to disable vulnerable functionality
- Restrict access to n8n interface to only trusted users and implement network segmentation
🔍 How to Verify
Check if Vulnerable:
Check the n8n version: if the major version is 1 (any 1.x release), you are vulnerable. Also check whether the Python Code Node is still enabled, i.e. none of the workaround variables above is set.
Check Version:
n8n --version or check package.json version in installation directory
Verify Fix Applied:
Verify n8n version is 2.0.0 or later. Confirm Python Code Node functionality is either patched or disabled via workarounds.
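The check above as a script, added here as an example and not part of the n8n project or the advisory: it classifies a version string against the 1.x / 2.0.0 boundary this page gives, and reports MITIGATED when one of the three workarounds listed above is in effect. It assumes `n8n --version` prints a bare version string such as `1.64.3` (an assumption about the CLI output, not confirmed by this page) and treats versions below 1.0.0 as unknown because the page does not cover them.

```shell
#!/bin/sh
# Added example (not n8n code): CVE-2025-68668 exposure check.
# Assumes the affected range given on this page: every 1.x release, fixed in 2.0.0.

# Classify a version string: "affected" for the 1.x line, "fixed" for 2.0.0
# and later, "unknown" when it cannot be parsed or is outside the page's range.
n8n_version_class() {
    v=$(printf '%s' "$1" | sed 's/^[^0-9]*//')   # drop a leading "v" or text
    major=${v%%.*}                                # keep the major component
    case "$major" in
        ''|*[!0-9]*) echo unknown ;;
        1) echo affected ;;
        *) if [ "$major" -ge 2 ]; then echo fixed; else echo unknown; fi ;;
    esac
}

# Arguments: NODES_EXCLUDE N8N_PYTHON_ENABLED N8N_RUNNERS_ENABLED N8N_NATIVE_PYTHON_RUNNER
# Returns 0 when one of the workarounds from this page is active, 1 otherwise.
n8n_workaround_active() {
    nodes_exclude=$1; python_enabled=$2; runners=$3; native_python=$4
    # Workaround 1: the whole Code Node is excluded (JSON array containing its type name).
    case "$nodes_exclude" in *'"n8n-nodes-base.code"'*) return 0 ;; esac
    # Workaround 2: Python support switched off in the Code Node.
    [ "$python_enabled" = "false" ] && return 0
    # Workaround 3: task-runner sandbox, which needs both variables set.
    [ "$runners" = "true" ] && [ "$native_python" = "true" ] && return 0
    return 1
}

# Arguments: VERSION NODES_EXCLUDE N8N_PYTHON_ENABLED N8N_RUNNERS_ENABLED N8N_NATIVE_PYTHON_RUNNER
# Prints PATCHED, MITIGATED, VULNERABLE or UNKNOWN.
n8n_cve_2025_68668_status() {
    case "$(n8n_version_class "$1")" in
        fixed)   echo PATCHED ;;
        unknown) echo UNKNOWN ;;
        affected)
            if n8n_workaround_active "$2" "$3" "$4" "$5"; then
                echo MITIGATED
            else
                echo VULNERABLE
            fi ;;
    esac
}

# Stand-alone use: read the live install and environment, if n8n is on PATH.
if command -v n8n >/dev/null 2>&1; then
    n8n_cve_2025_68668_status "$(n8n --version 2>/dev/null)" \
        "${NODES_EXCLUDE:-}" "${N8N_PYTHON_ENABLED:-}" \
        "${N8N_RUNNERS_ENABLED:-}" "${N8N_NATIVE_PYTHON_RUNNER:-}"
fi
```

Run it in the same environment (or container) as the n8n process, since the workaround variables must be visible to n8n itself, not just to your shell. A MITIGATED result is only as good as the workaround: the NODES_EXCLUDE route also removes the JavaScript Code Node, and the only durable answer is PATCHED.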
📡 Detection & Monitoring
Log Indicators:
- Unusual Python code execution in workflow logs
- Suspicious command execution patterns
- Multiple failed authentication attempts followed by workflow modifications
Network Indicators:
- Unexpected outbound connections from n8n host
- Command and control traffic patterns
SIEM Query:
source="n8n" AND ("python" OR "exec" OR "subprocess") AND workflow_modified=true