n8n Remote Code Execution Vulnerability in Git Node

Vulnerability

A remote code execution vulnerability has been identified in n8n, an open-source workflow automation platform, affecting versions 0.121.2 and prior. This vulnerability allows authenticated attackers to execute malicious code through the n8n service, potentially leading to a complete compromise of the affected instance. Both self-hosted and n8n Cloud instances are vulnerable. The issue arises from the Git node's handling of repository paths, which can be exploited to execute untrusted code.

Impact

Exploitation of this vulnerability allows for authenticated remote code execution on the affected n8n instance.

Reproduction

To reproduce this vulnerability, an authenticated user can use the Git node to access a repository path that is not allowed. The Git node will execute code based on the repository path provided. If the path is blocked, the node will throw an error, but this check can be bypassed in versions prior to the patch.

Remediation

Users are advised to upgrade to n8n version 1.121.3 or later. If an immediate upgrade is not possible, the Git node can be disabled and access for untrusted users can be limited to reduce exposure.
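The remediation steps above can be triaged with a short script. This is an added example, not code from the advisory or from the n8n project: it checks a version string against the fixed release and lists Git nodes in exported workflow JSON. The export shape, the node type "n8n-nodes-base.git", the "repositoryPath" parameter and the "=" expression prefix are assumptions about n8n's workflow format, and the sample workflows are constructed.

```javascript
// Added example, not n8n project code. Assumed: export shape { name, nodes: [...] },
// node type "n8n-nodes-base.git", parameter "repositoryPath", "=" prefix marks an expression.
const FIXED_VERSION = "1.121.3"; // fixed release named in the advisory
const GIT_NODE_TYPE = "n8n-nodes-base.git";
// Compare dotted numeric versions: negative if a < b, 0 if equal, positive if a > b.
function compareVersions(a, b) {
  const pa = a.split(".").map(Number);
  const pb = b.split(".").map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const diff = (pa[i] || 0) - (pb[i] || 0);
    if (diff !== 0) return diff;
  }
  return 0;
}
// True when the running version is older than the fixed release.
function needsUpgrade(version) {
  const core = version.trim().replace(/^v/, "");
  if (!/^\d+(\.\d+)*$/.test(core)) throw new Error(`unparseable version: ${version}`);
  return compareVersions(core, FIXED_VERSION) < 0;
}

// List every Git node in the exported workflows with the fields a reviewer needs.
function findGitNodes(workflows) {
  const hits = [];
  for (const wf of workflows) {
    for (const node of wf.nodes || []) {
      if (node.type !== GIT_NODE_TYPE) continue;
      const path = node.parameters?.repositoryPath ?? null;
      hits.push({
        workflow: wf.name,
        node: node.name,
        disabled: node.disabled === true,
        repositoryPath: path,
        pathFromExpression: typeof path === "string" && path.startsWith("="),
      });
    }
  }
  return hits;
}

// Constructed sample export (not taken from a real instance).
const sampleWorkflows = [
  { name: "deploy-docs", nodes: [
    { name: "Webhook", type: "n8n-nodes-base.webhook", parameters: {} },
    { name: "Git", type: GIT_NODE_TYPE, parameters: { repositoryPath: "={{ $json.repo }}" } } ] },
  { name: "nightly-report", nodes: [
    { name: "Git pull", type: GIT_NODE_TYPE, disabled: true, parameters: { repositoryPath: "/data/reports" } } ] },
];
console.log(needsUpgrade("1.120.4"), findGitNodes(sampleWorkflows));
```

Git nodes whose path comes from an expression are the ones to review first, since the path is set from workflow data rather than fixed in the node.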

Added: Jan 8, 2026, 1:19 AM
Updated: Jan 8, 2026, 1:19 AM

Vulnerability Rating

Custom Algorithm
spread: 5.7
impact: 10.0
exploitability: 5.9
remediation: 8.3
relevance: 1.9
threat: 5.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.