Horizon Alert
Summary of the vulnerability and why it matters
This advisory details a critical vulnerability in the n8n workflow automation platform that could allow an authenticated user to execute arbitrary code on the affected instance. The issue stems from a flaw in how certain parameters are handled, which, when combined with other techniques, can lead to a compromise of the entire system. While this vulnerability is fixed in later versions, its potential impact on automated processes and connected systems warrants attention to confirm relevance and exposure.
- Workflow automation tool has a critical security flaw.
- Attack could allow code execution on company systems.
- Confirm relevance and exposure to automated workflows.
Attack Path
How an attacker could exploit the issue
An attacker with permissions to create or modify workflows could exploit a flaw in the HTTP Request node. By manipulating an unvalidated pagination parameter, they can trigger a global prototype pollution vulnerability. This, when combined with other techniques, could lead to remote code execution on the n8n instance.
- Authenticated user with workflow creation/modification permission.
- Unvalidated pagination parameter in HTTP Request node.
- Potential for remote code execution on the instance.
Live Threat
Current exploitation, exposure, and threat context
When supported by the advisory, an authenticated user with workflow modification permissions could exploit this vulnerability by manipulating an unvalidated pagination parameter within the HTTP Request node. This, combined with other techniques, could lead to the execution of arbitrary code on the n8n instance.
- Workflow data and system integrity could be at risk.
- Malicious input via HTTP Request node parameters.
- Potential for arbitrary code execution on the instance.
Operational Fix
Recommended remediation, mitigation, and detection steps
The n8n workflow automation platform, when deployed and exposed, may require action from platform or application owners responsible for its instances. The first practical step involves identifying all n8n deployments, assessing their network reachability and criticality, and then coordinating remediation with the responsible teams.
- Platform and application owners should lead.
- Verify instance exposure and business criticality.
- Plan remediation based on confirmed risk.