n8n
cpe:2.3:a:n8n:n8n:*:*:*:*:node.js:*:*
- >= 1.0.0, < 2.0.0
A sandbox bypass vulnerability has been identified in the Python Code Node of n8n, an open-source workflow automation platform, affecting versions 1.0.0 prior to 2.0.0. This vulnerability allows an authenticated user with the ability to create or modify workflows to execute arbitrary commands on the host system where n8n is running, using the same privileges as the n8n process. The issue arises in the Pyodide-based Python Code Node, where the sandboxing mechanism can be bypassed.
Exploitation of this vulnerability could lead to unauthorized execution of commands on the host system, potentially allowing for significant disruption or manipulation of the system's operations and resources.
Users can upgrade to n8n version 2.0.0 or later, where this vulnerability has been patched. For those using n8n version 1.111.0 or later, the task-runner-based native Python implementation can be enabled as a more secure option by configuring the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables. Additional workarounds include disabling the Code Node, or Python support within the Code Node, through specific environment variable settings.
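The following POSIX shell script is an added example for operators auditing their own deployment against this advisory; it is not part of the advisory or of the n8n project. It classifies an installation from its version string and the two environment variables the advisory names (N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER). It assumes the operator supplies the running version in a hypothetical N8N_VERSION variable, and it treats the two runner variables as enabled only when they are literally set to `true`; the exact variables for disabling the Code Node are not given on this page and are deliberately not guessed here.

```shell
#!/bin/sh
# Added example (not n8n project code): classify an n8n deployment against the
# advisory above using the version string and the two environment variables it names.

# Extract numeric field $2 (1=major, 2=minor, 3=patch) from version string $1,
# ignoring any pre-release or build suffix such as "-beta" or "+build".
ver_part() {
    part=$(printf '%s\n' "$1" | sed 's/[-+].*$//' | cut -d. -f"$2")
    echo "${part:-0}"
}

# True (exit 0) when VERSION lies in the affected range >= 1.0.0, < 2.0.0,
# i.e. when the major version is exactly 1.
n8n_affected() {
    major=$(ver_part "$1" 1)
    [ "$major" -eq 1 ]
}

# True when VERSION is >= 1.111.0, the first release on which the advisory says
# the task-runner-based native Python implementation can be enabled.
n8n_native_runner_available() {
    major=$(ver_part "$1" 1)
    minor=$(ver_part "$1" 2)
    [ "$major" -gt 1 ] || { [ "$major" -eq 1 ] && [ "$minor" -ge 111 ]; }
}

# True when both environment variables from the advisory are set to "true".
# Unset variables are treated as "false", matching a default deployment.
native_runner_enabled() {
    [ "${N8N_RUNNERS_ENABLED:-false}" = "true" ] &&
    [ "${N8N_NATIVE_PYTHON_RUNNER:-false}" = "true" ]
}

# Combine the checks into a single verdict:
#   not_affected - version outside the advisory's range (e.g. 2.0.0 or later)
#   mitigated    - 1.111.0+ with the native Python runner enabled
#   vulnerable   - affected range without that mitigation in place
n8n_status() {
    if ! n8n_affected "$1"; then
        echo not_affected
    elif n8n_native_runner_available "$1" && native_runner_enabled; then
        echo mitigated
    else
        echo vulnerable
    fi
}

# Usage: N8N_VERSION is an assumed operator-supplied value (e.g. from `n8n --version`).
if [ -n "${N8N_VERSION:-}" ]; then
    echo "n8n $N8N_VERSION: $(n8n_status "$N8N_VERSION")"
fi
```

A "mitigated" verdict only reflects the interim workaround the advisory describes; the upgrade to 2.0.0 or later remains the fix, and the script reports that state as "not_affected".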