Categories: Cyber Security News

n8n Automation Platform Hit by Arbitrary Command Execution Flaw

A critical security vulnerability has been disclosed in n8n, a popular workflow automation platform, that enables authenticated users to execute arbitrary commands on the host system.

The flaw, tracked as GHSA-62r4-hw23-cc8v, affects the Python Code Node component and poses a significant risk to organizations using the platform for business process automation.

Sandbox Bypass Enables System-Level Access

The vulnerability stems from a sandbox bypass weakness in n8n’s Pyodide-based Python Code Node implementation.

Security researcher Cornelius Suermann from n8n published an advisory two weeks ago, warning that authenticated users with workflow-creation or modification privileges can exploit this flaw to breach the intended security boundaries.

Once exploited, attackers can execute arbitrary commands with the same system privileges as the n8n process, potentially compromising the entire server infrastructure.

This type of sandbox escape vulnerability is particularly dangerous in workflow automation platforms where multiple users may have legitimate access to create and modify automation scripts.

The flaw allows malicious insiders or compromised accounts to move beyond the restricted Python execution environment and interact directly with the underlying operating system.

All n8n versions from 1.0.0 up to but not including 2.0.0 are vulnerable to this arbitrary command execution issue. Organizations running these versions should prioritize patching immediately to prevent potential exploitation.

The vulnerability was addressed in n8n version 2.0.0, which introduces a more secure task-runner-based native Python implementation with enhanced isolation capabilities.

The new security model was first introduced as an optional feature in version 1.111.0, allowing early adopters to enable stronger sandboxing through the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables.

This implementation became the default security mechanism starting with the 2.0.0 release.

Organizations unable to immediately upgrade to version 2.0.0 have several temporary mitigation options available.

Administrators can disable the vulnerable Code Node altogether by setting the environment variable NODES_EXCLUDE to ["n8n-nodes-base.code"] in their configuration.

Alternatively, they can disable only Python support within the Code Node by configuring N8N_PYTHON_ENABLED=false, a feature introduced in version 1.104.0.

The most secure temporary solution is to manually enable the task-runner-based Python sandbox on vulnerable versions 1.111.0 and later by setting the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables.

However, upgrading to version 2.0.0 remains the recommended permanent fix for this critical vulnerability; the options above only reduce exposure until that upgrade is done.
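The version ranges and mitigations above can be turned into a quick deployment check. The script below is an added example and is not code from the advisory or from the n8n project; it assumes that N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER are enabled by the value "true" (the advisory names the variables but not their values) and that NODES_EXCLUDE contains the JSON array shown above.

```shell
#!/bin/sh
# Added example (not from the advisory or n8n): classify an n8n deployment's
# exposure to GHSA-62r4-hw23-cc8v from its version and environment settings.

# version_lt A B -> exit 0 if semantic version A is lower than B (numeric compare of 3 parts)
version_lt() {
  a1=${1%%.*}; r=${1#*.}; a2=${r%%.*}; a3=${r#*.}
  b1=${2%%.*}; r=${2#*.}; b2=${r%%.*}; b3=${r#*.}
  [ "$a1" -lt "$b1" ] && return 0
  [ "$a1" -gt "$b1" ] && return 1
  [ "$a2" -lt "$b2" ] && return 0
  [ "$a2" -gt "$b2" ] && return 1
  [ "$a3" -lt "$b3" ]
}

# n8n_python_status VERSION NODES_EXCLUDE N8N_PYTHON_ENABLED N8N_RUNNERS_ENABLED N8N_NATIVE_PYTHON_RUNNER
# Prints one status word and exits 1 only when the Pyodide Code Node is still reachable:
#   patched | outside-range | code-node-excluded | python-disabled | task-runner | VULNERABLE
n8n_python_status() {
  ver=$1; excl=$2; pyen=$3; runners=$4; native=$5
  # 2.0.0 and later ship the task-runner Python implementation by default
  if ! version_lt "$ver" 2.0.0; then echo patched; return 0; fi
  # The advisory's affected range starts at 1.0.0
  if version_lt "$ver" 1.0.0; then echo outside-range; return 0; fi
  # Mitigation 1: the whole Code Node is excluded (any n8n version in range)
  case $excl in *n8n-nodes-base.code*) echo code-node-excluded; return 0;; esac
  # Mitigation 2: Python disabled in the Code Node (switch exists from 1.104.0)
  if [ "$pyen" = false ] && ! version_lt "$ver" 1.104.0; then echo python-disabled; return 0; fi
  # Mitigation 3: task-runner sandbox enabled (optional from 1.111.0; "true" is assumed here)
  if [ "$runners" = true ] && [ "$native" = true ] && ! version_lt "$ver" 1.111.0; then
    echo task-runner; return 0
  fi
  echo VULNERABLE; return 1
}

# Constructed sample: a 1.99.0 instance with no mitigations set
n8n_python_status 1.99.0 "" "" "" "" || echo "action required: upgrade to 2.0.0 or apply a mitigation"
```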

