N8n Scanner
This scanner detects the use of N8n Exposure in digital assets.
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
18 days 13 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox
-
N8n is an automation tool that allows users to connect various APIs and services for workflow automation. It is widely used by entrepreneurs, developers, and businesses seeking efficient and automated data handling. The platform is open source, enabling seamless integrations and custom modifications. Its RESTful API structure allows it to cater to diverse automation needs across different sectors. N8n's interface and community support make it a popular choice for developing complex automation processes. Organizations use N8n to automate repetitive tasks, improve productivity, and manage APIs effectively.
The vulnerability detected involves the exposure of the `/rest/settings` endpoint. When this endpoint is publicly accessible, it may reveal sensitive configuration details. This could include internal settings, application secrets, and other critical information. Exposure of such details can lead to unauthorized access and exploitation. The vulnerability primarily affects the security posture of applications using N8n. Ensuring endpoint security is crucial to prevent unauthorized information disclosure.
The vulnerable endpoint is `/rest/settings`, which could be exposed due to improper security configuration. This endpoint, when accessible, returns information like `isDocker`, `databaseType`, `nodeJsVersion`, `versionCli`, and `instanceId`. The HTTP request to this endpoint involves a GET method that, upon being exposed, responds with a 200 status and provides JSON content. Properly securing this endpoint is essential to mitigate potential data leaks. Application administrators should ensure that server configurations do not publicly expose sensitive endpoints.
Exploiting this vulnerability could allow attackers to retrieve internal configurations and application secrets. This information can enable further attacks, such as database tampering or unauthorized system changes. Attackers may exploit configuration exposures to penetrate deeper into the network, leading to potentially significant breaches. Ensuring tight configuration security can prevent these exposures and maintain system integrity. This vulnerability highlights the importance of regular security audits to detect and address configuration issues.
REFERENCES
