Jan 15, 2026

Show HN: How a CVSS 10 bug gave full admin access to n8n

n8n is one of the most popular workflow automation platforms, widely used as the backbone of enterprise automation systems.

Recently, a CVSS 10 vulnerability was discovered that allowed an unauthenticated attacker to fully compromise exposed n8n instances — from arbitrary file read to admin access and remote code execution.

This article explains how the vulnerability worked, why it was dangerous, and what lessons it teaches about secure request parsing.


What Was Discovered

The vulnerability affected n8n instances that exposed form-based workflows to the internet.

In short, it allowed:

  • Arbitrary file read (unauthenticated)

  • Extraction of internal databases and config files

  • Session forgery using leaked secrets

  • Full admin access

  • Remote command execution

All without valid credentials.

The Root Cause: Content-Type Confusion

n8n webhooks rely on middleware that parses incoming requests differently based on the Content-Type header:

  • multipart/form-data → file upload parser (Formidable)

  • application/json → regular body parser

The issue was that the form webhook handler accessed req.body.files without verifying the content type.

This made it possible to:

  1. Send a JSON request

  2. Manually craft a files object

  3. Trick the application into treating arbitrary file paths as uploaded files

Arbitrary File Read via Form Uploads

By modifying intercepted HTTP requests (using tools like Burp Suite), attackers could replace a legitimate file upload with a crafted payload pointing to internal files such as:

  • n8n internal database

  • Configuration files

  • Encryption keys

These files were then loaded into the workflow’s knowledge base and became queryable.

Extracting Credentials Using AI Workflows

Once internal files were loaded, attackers could query the knowledge base using carefully crafted prompts.

This allowed extraction of:

  • User IDs

  • Email addresses

  • Password hashes

  • Encryption keys

At this point, everything required to forge a valid admin session was available.

Session Forgery and Admin Access

Using the leaked:

  • User UUID

  • Email

  • Password hash

  • Encryption key

Attackers could generate a valid authentication cookie by recreating the session signing logic.

Injecting this cookie instantly granted admin access — no login required.

Remote Code Execution

With admin privileges, attackers could:

  • Create new workflows

  • Use command execution nodes

  • Run arbitrary shell commands

This resulted in full remote code execution on the n8n host.

Why the Blast Radius Is Massive

n8n often sits at the center of enterprise automation:

  • CI/CD systems

  • Cloud credentials

  • CRM integrations

  • AI API keys

  • Internal documents (RAG systems)

Compromising n8n often means compromising everything connected to it.

Mitigation and Lessons Learned

  • The vulnerability is patched

  • There is no workaround

  • All exposed instances must be updated

Key lessons:

  • Never trust req.body without enforcing content-type validation

  • File handling logic must be isolated and strictly gated

  • Automation platforms have an outsized security impact

Final Thoughts

This vulnerability is a reminder that small parsing mistakes can lead to total compromise, especially in systems designed to connect everything together.

If you run n8n:

  • Update immediately

  • Restrict internet exposure

  • Treat automation platforms as high-value targets
