CVE-2025-68613

This repository provides a functional exploit for CVE-2025-68613, demonstrating arbitrary code execution in n8n's workflow expression evaluation system. The exploit leverages improper isolation of the execution context to access Node.js system modules via crafted expressions.

This repository contains a Nuclei template for detecting vulnerable n8n instances affected by CVE-2025-68613, a critical RCE vulnerability in the workflow automation platform. The template extracts version information from the signin page and checks against known vulnerable version ranges.

This repository contains a functional exploit for CVE-2025-68613, an expression injection vulnerability in n8n leading to RCE. It includes a detailed bug fix analysis, scanner, and exploit script with corrected authentication and response parsing logic.

This repository contains a functional exploit for CVE-2025-68613, targeting an expression injection vulnerability in n8n that leads to remote code execution (RCE). The exploit authenticates to the n8n instance, creates a malicious workflow with a crafted expression, and executes arbitrary commands via Node.js child_process module.

The repository claims to be an advanced exploitation framework for CVE-2025-68613 but lacks actual exploit code, instead focusing on marketing language and external dependencies. The README is overly promotional with no technical details about the vulnerability or exploitation mechanics.

The repository contains a functional exploit for CVE-2025-68613, an expression injection vulnerability in n8n workflow automation platform that allows authenticated users to achieve remote code execution via Node.js global context access. It includes both detection (scanner) and exploitation tools with multiple payloads.

This repository contains a functional exploit for CVE-2025-68613, an authenticated RCE vulnerability in n8n workflow automation tool. The exploit leverages expression injection to bypass the sandbox and execute arbitrary commands via a crafted workflow payload.

This repository provides a detailed technical analysis and exploitation walkthrough for CVE-2025-68613, an expression injection vulnerability in n8n workflow automation platform leading to RCE. It includes payload breakdowns, step-by-step exploitation, and detection strategies.

This repository provides a detailed technical analysis of CVE-2025-68613, a critical RCE vulnerability in n8n workflow automation. It includes root cause analysis, exploitation walkthrough, and mitigation strategies, but does not contain functional exploit code.

This repository contains a functional Python exploit for CVE-2025-68613, targeting a sandbox escape vulnerability in n8n's expression evaluator. The exploit demonstrates RCE by creating a malicious workflow with a Code node or expression-based payload to execute arbitrary commands.

The repository contains a functional Server-Side Template Injection (SSTI) payload for CVE-2025-68613, which exploits a critical RCE vulnerability in n8n workflow automation platform. The payload leverages JavaScript expression evaluation to execute arbitrary commands via Node.js's child_process module.

This repository contains a Tkinter-based GUI tool designed to scan for publicly exposed n8n instances using Shodan and test them for vulnerability to CVE-2025-68613. It queries Shodan, probes key endpoints, and classifies hosts based on version and connectivity, storing results in a SQLite database.

This repository provides a detailed technical analysis of CVE-2025-68613, an expression injection vulnerability in n8n leading to RCE. It includes root cause analysis, patch diffs, and multiple PoC payloads demonstrating the exploit chain.

This repository provides a functional Proof of Concept (PoC) for CVE-2025-68613, demonstrating a sandbox escape vulnerability in n8n versions prior to 1.122.0. The PoC includes detailed steps and payloads to exploit the vulnerability, allowing authenticated users to execute arbitrary code on the host system via JavaScript expressions in the workflow editor.

This repository contains a functional exploit PoC for CVE-2025-68613, an authenticated RCE vulnerability in n8n workflow automation tool. The exploit leverages the Pocsuite3 framework to create, execute, and clean up malicious workflows that execute arbitrary system commands via Node.js code injection.

This repository contains a functional exploit for CVE-2025-68613, demonstrating remote code execution (RCE) in n8n via workflow manipulation. The exploit authenticates, creates a malicious workflow, and executes arbitrary commands through Node.js payload injection.

This repository contains a functional exploit PoC and scanner for CVE-2025-68613, an expression injection vulnerability in n8n Workflow Automation Platform leading to authenticated RCE. The exploit supports multiple payloads (info, cmd, env, read, write, revshell) and requires valid credentials.

This repository contains a functional exploit for CVE-2025-68613, an authenticated RCE vulnerability in n8n due to unsafe workflow expression evaluation. The exploit includes both a scanner for version detection and a PoC that demonstrates arbitrary code execution via crafted workflow expressions.

This repository contains a functional proof-of-concept exploit for CVE-2025-68613, demonstrating remote code execution (RCE) in n8n by injecting a JavaScript payload into a workflow node. The exploit leverages Node.js's `child_process` module to execute arbitrary commands.

This repository contains a functional exploit for CVE-2025-68613, an RCE vulnerability in n8n workflow automation platform. The exploit leverages the `executeCommand` node to execute arbitrary OS commands via authenticated workflow creation.

This repository contains a functional exploit for CVE-2025-68613, targeting n8n workflow automation software. The exploit leverages a server-side template injection vulnerability to execute arbitrary commands, demonstrated by reading a flag file.

The repository contains a functional exploit for CVE-2025-68613, targeting n8n workflow automation platform. It includes an automated exploitation template that authenticates, creates a malicious workflow with RCE payload, and extracts system information. Additionally, it provides a version detection template to identify vulnerable instances.

This repository contains a functional exploit tool for CVE-2025-68613, targeting n8n workflow automation platform versions 0.211.0 to 1.121.0. The tool supports scanning, authentication-based exploitation, and multiple payload types including interactive shell, command execution, and reverse shell.

This repository contains a functional Python exploit for CVE-2025-68613, targeting an expression injection vulnerability in n8n. The exploit authenticates, creates a malicious workflow, and executes arbitrary commands via crafted JavaScript payloads.

This repository provides a functional proof-of-concept exploit for CVE-2025-68613, a critical RCE vulnerability in n8n workflow automation tool. The exploit leverages improper sanitization in the expression evaluator to access the Node.js process object and execute arbitrary commands via the child_process module.

This repository provides a scanner and safe PoC for CVE-2025-68613, which affects n8n workflow automation due to inadequate expression engine isolation. The tool detects vulnerable versions and validates metadata exposure without performing RCE.

The repository contains a functional exploit for CVE-2025-68613, targeting n8n workflow automation. It includes a Python script that creates a malicious workflow to execute arbitrary commands via expression injection, along with a safe scanner to check for vulnerability exposure.

This repository provides a comprehensive technical analysis of CVE-2025-68613, a critical RCE vulnerability in n8n's expression evaluation system. It includes root cause analysis, exploitation methodology, detection engineering, and mitigation guidance.

This repository provides a functional proof-of-concept for CVE-2025-68613, an expression injection RCE vulnerability in n8n. It includes a Docker setup to reproduce the vulnerability and a step-by-step guide to exploit it via a crafted payload in the n8n workflow.

This repository contains a detailed technical writeup of CVE-2025-68613, an expression injection vulnerability in n8n leading to remote code execution (RCE). It includes steps for exploitation, payload examples, and references to official fixes and advisories.

The repository contains only a README with a disclaimer and no actual exploit code or technical details about CVE-2025-68613. It lacks payloads, proof-of-concept code, or any meaningful analysis of the vulnerability.

This repository provides a Docker Compose setup for a vulnerable n8n instance (version 1.120.0) and includes functional JavaScript payloads to exploit CVE-2025-68613, demonstrating environment variable exfiltration and remote code execution (RCE) via expression injection.

The repository contains a functional proof-of-concept exploit for CVE-2025-68613, demonstrating a Server-Side Template Injection (SSTI) vulnerability in n8n workflow automation platform. The exploit leverages JavaScript expressions to achieve Remote Code Execution (RCE) via the `child_process` module.

This Metasploit module exploits CVE-2025-68613 in n8n workflow automation by injecting malicious expressions into workflow nodes, leveraging Node.js process access to execute arbitrary commands via child_process.