TROYANOSYVIRUS

CVE-2025-68949

MEDIUM
5.3

Description

n8n is an open source workflow automation platform. From 1.36.0 to before 2.2.0, the Webhook node’s IP whitelist validation performed partial string matching instead of exact IP comparison. As a result, an incoming request could be accepted if the source IP address merely contained the configured whitelist entry as a substring. This issue affected instances where workflow editors relied on IP-based access controls to restrict webhook access. Both IPv4 and IPv6 addresses were impacted. An attacker with a non-whitelisted IP could bypass restrictions if their IP shared a partial prefix with a trusted address, undermining the intended security boundary. This vulnerability is fixed in 2.2.0.
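The flaw described above, next to a check that compares parsed addresses, as an added example in JavaScript (Node.js). It is not n8n's code: the function names are hypothetical and the addresses are constructed from documentation ranges.

```javascript
// Added example, not n8n's code. All function names are hypothetical.
const net = require("net");

// Flawed check as the description states it: the source address is accepted
// when it merely contains an allowlist entry as a substring.
function isAllowedSubstring(sourceIp, allowlist) {
  return allowlist.some((entry) => sourceIp.includes(entry));
}

// Hardened check: parse every entry as an IP address up front and reject
// anything that is not one, so comparison is on addresses, not on text.
function buildAllowlist(entries) {
  const list = new net.BlockList();
  for (const entry of entries) {
    const family = net.isIP(entry); // 4, 6, or 0 when not an IP address
    if (family === 0) throw new Error(`not an IP address: ${entry}`);
    list.addAddress(entry, family === 6 ? "ipv6" : "ipv4");
  }
  return list;
}

function isAllowedExact(sourceIp, list) {
  const family = net.isIP(sourceIp);
  if (family === 0) return false; // fail closed on unparseable input
  return list.check(sourceIp, family === 6 ? "ipv6" : "ipv4");
}

// Constructed sample data (RFC 5737 / RFC 3849 documentation ranges).
const ENTRIES = ["192.0.2.1", "2001:db8::1"];
const SAMPLES = [
  "192.0.2.1",            // listed address
  "192.0.2.10",           // different host, contains "192.0.2.1"
  "2001:db8::1f",         // different host, contains "2001:db8::1"
  "2001:db8:0:0:0:0:0:1", // listed address written in uncompressed form
];

// Run both checks over the samples so the disagreement is visible per row.
function compareChecks() {
  const list = buildAllowlist(ENTRIES);
  return SAMPLES.map((ip) => ({
    ip,
    substring: isAllowedSubstring(ip, ENTRIES),
    exact: isAllowedExact(ip, list),
  }));
}

console.table(compareChecks());
```

The last sample shows the text comparison also failing in the other direction: it rejects a listed IPv6 address because of how it is written.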

CVE details

CVSS v3.1 score: 5.3
Severity: MEDIUM
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack vector: NETWORK
Complexity: LOW
Privileges required: NONE
User interaction: NONE
Published: 1/13/2026
Last modified: 1/16/2026
Source: nvd
Honeypot sightings: 0

Affected products

n8n:n8n

Weaknesses (CWE)

CWE-134, CWE-284

IOC correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.