Vulnerability Description
The `/rest/settings` endpoint in N8n was publicly exposed, which could have disclosed internal configuration details and sensitive application information.
id: n8n-config
info:
  name: N8n - Config
  author: icarot
  severity: medium
  description: |
    The `/rest/settings` endpoint in N8n was publicly exposed, which could have disclosed internal configuration details and sensitive application information.
  reference:
    - https://github.com/n8n-io/n8n
  classification:
    cpe: cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*
  metadata:
    max-request: 1
    vendor: n8n
    product: n8n
    shodan-query: http.html:"N8n"
  tags: n8n,config,exposed,vuln
http:
  - raw:
      - |
        GET /rest/settings HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/json
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'isDocker'
          - 'databaseType'
          - 'nodeJsVersion'
          - 'versionCli'
          - 'instanceId'
        condition: and
      - type: word
        part: content_type
        words:
          - 'application/json'
      - type: status
        status:
          - 200
# digest: 4a0a00473045022100c09abba60686832e468046c62e7ad40b0e60065dd7e7b9db668c821bffc5aed7022063dc70bbc40792e2069589dd0e2060515bc5e1e6728a9ee9aab2d6bec1e1efdd:922c64590222798bb761d5b6d8e72950
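For triaging a response saved from your own instance, the following added example (not part of the template or of n8n) applies the same three conditions offline, but parses the JSON and looks for the five fields as keys, so a page that merely contains the words as text does not count. The sample responses are constructed, and the nesting under `data` is an assumption.

```python
import json

# Field names taken from the template's body matcher.
MARKERS = ("isDocker", "databaseType", "nodeJsVersion", "versionCli", "instanceId")

def find_markers(node, found=None):
    """Walk parsed JSON and collect marker keys wherever they are nested."""
    found = {} if found is None else found
    if isinstance(node, dict):
        for key, value in node.items():
            if key in MARKERS:
                found.setdefault(key, value)
            find_markers(value, found)
    elif isinstance(node, list):
        for item in node:
            find_markers(item, found)
    return found

def assess(status, content_type, body):
    """Return (exposed, disclosed_fields) for one saved response."""
    if status != 200 or "application/json" not in content_type.lower():
        return False, {}
    try:
        parsed = json.loads(body)
    except ValueError:
        return False, {}
    disclosed = find_markers(parsed)
    # Same rule as `condition: and`: every marker must be present.
    return all(m in disclosed for m in MARKERS), disclosed

# Constructed sample responses (values are invented, nesting is an assumption).
SAMPLE_EXPOSED = json.dumps({"data": {
    "isDocker": True, "databaseType": "sqlite", "nodeJsVersion": "0.0.0",
    "versionCli": "0.0.0", "instanceId": "EXAMPLE-INSTANCE-ID"}})
SAMPLE_LOGIN_PAGE = "<html>isDocker databaseType nodeJsVersion versionCli instanceId</html>"
SAMPLE_PARTIAL = json.dumps({"data": {"versionCli": "0.0.0", "isDocker": False}})

if __name__ == "__main__":
    for name, resp in [
        ("exposed", (200, "application/json; charset=utf-8", SAMPLE_EXPOSED)),
        ("html page", (200, "text/html", SAMPLE_LOGIN_PAGE)),
        ("partial", (200, "application/json", SAMPLE_PARTIAL)),
        ("auth required", (401, "application/json", '{"message": "Unauthorized"}')),
    ]:
        exposed, fields = assess(*resp)
        print(f"{name:14} exposed={exposed} fields={sorted(fields)}")
```

The second element of the result lists which of the five fields a response actually discloses, which is what to review after a match.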