n8n Denial-of-Service Vulnerability in Binary Data Endpoint

Vulnerability

A denial-of-service vulnerability has been identified in n8n, a workflow automation platform, prior to version 1.99.0. The issue occurs in the '/rest/binary-data' endpoint when handling empty filesystem URIs, specifically 'filesystem://' and 'filesystem-v2://'. This vulnerability allows authenticated attackers to disrupt service by sending malformed filesystem URI requests, leading to resource exhaustion and service unavailability. The problem is particularly pronounced on n8n.cloud instances, which have been observed to respond with HTTP/2 524 timeout errors.

Impact

Exploitation of this vulnerability causes significant service disruption and resource exhaustion, leading to a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by sending GET requests to the '/rest/binary-data' endpoint with empty filesystem URIs, either 'filesystem://' or 'filesystem-v2://'. This will trigger resource exhaustion and cause the service to become unavailable.
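As an added illustration (not n8n's own code), the following TypeScript shows the kind of cheap up-front check a handler for this endpoint would perform: it parses a binary-data id of the assumed form '<mode>://<path>' and rejects 'filesystem://' and 'filesystem-v2://' with an empty path before any filesystem work is started, so the request fails fast with a 400 instead of tying up resources. The id format and the 'id' query-parameter name are assumptions made for the example; n8n's real handler may differ.

```typescript
// Added example, not n8n's code: validate a binary-data id before touching disk.
// Assumed id shape: "<mode>://<path>", where mode is one of the filesystem modes.
const FILESYSTEM_MODES = new Set(["filesystem", "filesystem-v2"]);

interface ParsedBinaryId {
  mode: string;
  path: string;
}

class InvalidBinaryIdError extends Error {}

function parseBinaryDataId(raw: string | undefined): ParsedBinaryId {
  if (typeof raw !== "string" || raw.length === 0) {
    throw new InvalidBinaryIdError("missing binary-data id");
  }
  const sep = raw.indexOf("://");
  if (sep <= 0) {
    throw new InvalidBinaryIdError("id must look like <mode>://<path>");
  }
  const mode = raw.slice(0, sep);
  const path = raw.slice(sep + 3);
  if (!FILESYSTEM_MODES.has(mode)) {
    throw new InvalidBinaryIdError(`unsupported storage mode: ${mode}`);
  }
  // The failure mode described on this page: a scheme with nothing after it.
  // Reject it here, before any file lookup, so the handler cannot stall on it.
  if (path.trim().length === 0) {
    throw new InvalidBinaryIdError(`empty ${mode} URI`);
  }
  return { mode, path };
}

// How a request handler would use the check (assumed query parameter "id"):
// map a validation failure to a fast 400 instead of attempting the file read.
function statusForBinaryDataRequest(idParam: string | undefined): number {
  try {
    parseBinaryDataId(idParam);
    return 200; // id is well-formed; the real handler would now serve the file
  } catch (e) {
    return e instanceof InvalidBinaryIdError ? 400 : 500;
  }
}
```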

Remediation

Users are advised to upgrade to n8n version 1.99.0 or later, where this vulnerability has been patched.

Added: Jul 3, 2025, 1:41 PM
Updated: Jul 3, 2025, 4:06 PM

Vulnerability Rating

Custom Algorithm
  spread          5.7
  impact          2.5
  exploitability  5.4
  remediation     7.7
  relevance       0.2
  threat          4.8
  urgency         2.9
  incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.