CVE-2025-68613 is a Remote Code Execution (RCE) vulnerability found in the n8n AI workflow automation platform, disclosed on December 21, 2025. The flaw stems from improper sandboxing of JavaScript expressions evaluated within workflows. Any authenticated user, even with minimal privileges, can exploit it to execute arbitrary system commands on the underlying host. Because n8n instances are often exposed to the internet and connected to APIs, CI/CD pipelines, and cloud services, this issue poses a severe risk of full system compromise, credential theft, and lateral movement across environments.
Severity: Critical
Vulnerability Summary
- CVE ID: CVE-2025-68613
- CVSS Score: 9.9
- Affected Versions: n8n v0.211.0 – v1.120.3
- Patched Versions: v1.120.4, v1.121.1, v1.122.0 and later
- Description: The vulnerability exists because n8n evaluates user-supplied JavaScript expressions (wrapped in {{ }}) server-side without adequate isolation. During this evaluation, the expression context exposes the Node.js global ’this’ object, which contains access to:
- process.mainModule.require
- child_process (for command execution)
- Other sensitive runtime modules
As a result, attackers can run arbitrary OS commands and access sensitive environment variables, credentials, and configuration data.
Exploitation Scenarios
- Scenario A – External Attacker:
• Registers a low-privilege n8n account
• Creates a malicious workflow using crafted expressions
• Executes the workflow to steal credentials or execute commands remotely - Scenario B – Insider Threat:
• Legitimate user with workflow creation rights injects RCE payloads into a legitimate task
• Extracts sensitive data or creates persistence mechanisms - Scenario C – Supply Chain Attack:
• An imported third-party workflow template contains hidden malicious expressions
• On execution, it compromises the server.
Vulnerable Interfaces
Attackers can exploit the vulnerability through multiple n8n interfaces:
- Web UI: Workflow Editor (/workflow/new)
- REST APIs:
- POST /rest/workflows (create workflow)
- PUT /rest/workflows/:id (update workflow)
- POST /rest/workflows/:id/execute (run workflow)
- Webhook Endpoints: Trigger-based workflows processing untrusted data.
Detection Indicators
Security teams should monitor:
- Workflows containing suspicious references (this.process, mainModule.require, child_process, etc.)
- Logs with unexpected command executions
- Outbound network traffic to unknown IPs (reverse shells or data exfiltration)
- Large POST requests or anomalies from n8n containers.
Recommendations
- Upgrade to a patched version by running the following commands:
- npm install -g n8n@latest
- docker pull n8nio/n8n:latest
- docker-compose down && docker-compose up -d
Verify patch success: n8n –version. Expected version ≥ v1.122.0
- Apply WAF rules to block requests containing: this.process, mainModule.require, child_process, process.binding, Module._load
- Mitigations: If upgrading is not immediately possible, administrators should consider the following temporary mitigations,
- Limit workflow creation and editing permissions to fully trusted users only.
- Deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation.
- Disable public user registration
- Audit all existing workflows
- Run n8n as a non-root user
Source:
- https://blog.securelayer7.net/cve-2025-68613-n8n-rce-exploitation/
- https://censys.com/advisory/cve-2025-68613
- https://github.com/n8n-io/n8n/security/advisories/GHSA-v98v-ff95-f3cp
Enjoyed reading this Threat Intelligence Advisory? Stay updated with our latest exclusive content by following us on Twitter and LinkedIn
No related posts found.