CVE-2025-68697

7.1 HIGH

📋 TL;DR

In self-hosted n8n instances prior to version 2.0.0, authenticated users with workflow editing access can exploit the Code node's legacy JavaScript execution mode to invoke internal helper functions. This allows attackers to read and write files on the host system with the same privileges as the n8n process. Only self-hosted n8n instances using legacy JavaScript execution mode are affected.

💻 Affected Systems

Products:
  • n8n
Versions: All versions prior to 2.0.0
Operating Systems: All operating systems where n8n is self-hosted
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects self-hosted instances using legacy JavaScript execution mode in Code nodes. Cloud-hosted n8n instances are not affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the host system through arbitrary file read/write, potentially leading to data exfiltration, ransomware deployment, or lateral movement within the network.

🟠 Likely Case

Unauthorized access to sensitive files on the host, including configuration files, credentials, or application data stored in accessible directories.

🟢 If Mitigated

Limited file access to a restricted directory with no sensitive data, preventing significant damage while maintaining workflow functionality.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access with workflow editing permissions. The vulnerability is straightforward to exploit once access is obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.0.0

Vendor Advisory: https://github.com/n8n-io/n8n/security/advisories/GHSA-j4p8-h8mh-rh8q

Restart Required: Yes

Instructions:

1. Back up your n8n data and workflows.
2. Update n8n to version 2.0.0 or later using your package manager or deployment method.
3. Restart the n8n service.
4. Verify the update was successful.

🔧 Temporary Workarounds

Restrict file access to dedicated directory

linux

Limit file operations to a specific directory that contains no sensitive data

export N8N_RESTRICT_FILE_ACCESS_TO=~/.n8n-files

Block access to n8n configuration files

all

Maintain default setting to prevent access to .n8n and user-defined config files

export N8N_BLOCK_FILE_ACCESS_TO_N8N_FILES=true

Disable high-risk nodes

all

Exclude Code node and other high-risk nodes if workflow editors are not fully trusted

# NODES_EXCLUDE takes a JSON array of node names
export NODES_EXCLUDE='["n8n-nodes-base.code"]'

🧯 If You Can't Patch

  • Implement all workarounds listed above to minimize attack surface
  • Restrict workflow editing permissions to only trusted users and implement strict access controls

🔍 How to Verify

Check if Vulnerable:

Check if n8n version is below 2.0.0 and if Code nodes are configured to use legacy JavaScript execution mode

Check Version:

n8n --version

Verify Fix Applied:

Confirm n8n version is 2.0.0 or higher and that the Code node no longer allows invocation of internal helper functions
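
The version check and the three workaround settings above can be audited in one pass. The script below is an added example, not code from n8n or the vendor advisory; the function names version_lt and n8n_audit are hypothetical, and it assumes it runs with the same exported environment variables as the n8n process.

```shell
#!/bin/sh
# Added example: audit one host against the fixed version and the
# workaround settings listed on this page. Function names are hypothetical.

# version_lt A B: succeed when dotted version A sorts before B ("-rc.1" ignored).
version_lt() {
    IFS=. read -r a1 a2 a3 rest <<EOF
${1%%-*}
EOF
    IFS=. read -r b1 b2 b3 rest <<EOF
${2%%-*}
EOF
    for pair in "${a1:-0}:${b1:-0}" "${a2:-0}:${b2:-0}" "${a3:-0}:${b3:-0}"; do
        x=${pair%%:*}; y=${pair##*:}
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
    done
    return 1   # equal versions are not "less than"
}

# n8n_audit VERSION: print one finding per line; exit status = finding count.
n8n_audit() {
    n=0
    case $1 in
        [0-9]*.[0-9]*.[0-9]*)
            if version_lt "$1" 2.0.0; then
                echo "PATCH: n8n $1 is below the fixed version 2.0.0"; n=$((n + 1))
            fi ;;
        *)  echo "UNKNOWN: cannot parse version '$1'"; n=$((n + 1)) ;;
    esac
    if [ -z "${N8N_RESTRICT_FILE_ACCESS_TO:-}" ]; then
        echo "WEAK: N8N_RESTRICT_FILE_ACCESS_TO is not set"; n=$((n + 1))
    fi
    # The page describes "true" as the default, so unset counts as true.
    if [ "${N8N_BLOCK_FILE_ACCESS_TO_N8N_FILES:-true}" != true ]; then
        echo "WEAK: N8N_BLOCK_FILE_ACCESS_TO_N8N_FILES is not true"; n=$((n + 1))
    fi
    # Substring match, so a bare name and a JSON array value both pass.
    case ${NODES_EXCLUDE:-} in
        *n8n-nodes-base.code*) ;;
        *) echo "NOTE: Code node is not in NODES_EXCLUDE"; n=$((n + 1)) ;;
    esac
    return "$n"
}

# Run only where the n8n CLI exists; the version command is from this page.
if command -v n8n >/dev/null 2>&1; then
    n8n_audit "$(n8n --version)" || echo "$? finding(s) for this host"
fi
```

An exit status of 0 means the host is on a fixed version with all three settings in place; each PATCH, WEAK or NOTE line maps to one item in the fix and workaround sections.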

📡 Detection & Monitoring

Log Indicators:

  • Unusual file access patterns from n8n process
  • Multiple failed file access attempts outside restricted directories
  • Suspicious workflow executions with Code nodes

Network Indicators:

  • Unexpected outbound file transfers from n8n host
  • Unusual network connections from n8n process

SIEM Query:

process.name:n8n AND (file.path:* OR file.operation:write) AND NOT file.path:/home/*/.n8n-files/*
