An authenticated command injection vulnerability in n8n allows attackers to read arbitrary files from the host server, potentially resulting in full system compromise.

This is an authenticated command injection vulnerability where a user with permission to modify workflows can inject CLI flags into the Git node. By manipulating the Push operation, an attacker can bypass security controls to read sensitive files from the underlying n8n server.

The ability to read arbitrary files from the server represents a critical security failure, as it allows attackers to exfiltrate configuration files, secrets, or system credentials. With a CVSS score of 9.4, this vulnerability poses an extreme risk, potentially leading to a complete compromise of the workflow automation environment and all data processed therein.

Immediate Action: Upgrade n8n immediately to version 1.123.43, 2.22.1, or 2.20.7 to apply the necessary patches.

Proactive Monitoring: Review application and system logs for unexpected Git node activity or unusual CLI flag patterns originating from workflow operations.

Compensating Controls: Restrict permissions for creating or modifying workflows to trusted users only and implement strict network segmentation to limit the blast radius of a compromised node.

Public Exploit Available: No

Given the critical severity of this arbitrary file read vulnerability, organizations must prioritize patching the n8n environment immediately. Restricting workflow creation privileges is a necessary secondary measure to ensure that only verified personnel can interact with potentially dangerous node operations until the update is applied.