Server-Side Request Forgery (SSRF)
CVE-2026-42449
Summary
In the SDK embedder path (`N8NDocumentationMCPServer` constructor, `getN8nApiClient()`, and `validateInstanceContext()`), the synchronous URL validator in `SSRFProtection.validateUrlSync()` had no IPv6 checks. IPv4-mapped IPv6 addresses such as `http://[::ffff:169.254.169.254]` bypassed the cloud-metadata, localhost, and private-IP range checks. An attacker able to supply an `n8nApiUrl` value could cause the server to issue HTTP requests to cloud metadata endpoints (AWS IMDS, GCP, Azure, Alibaba, Oracle), RFC1918 private networks, or localhost services. Response bodies are returned to the caller (non-blind SSRF), and the `n8nApiKey` is forwarded in the `x-n8n-api-key` header to the attacker-controlled target. Affected versions are from 2.47.4 prior to 2.47.14.
- LOW
- NETWORK
- LOW
- CHANGED
- NONE
- LOW
- HIGH
- NONE
CWE-918 - Server-Side Request Forgery (SSRF)
Server-side request forgery (SSRF) is a weakness that allows an attacker to send an arbitrary request, making it appear that the request was sent by the server. This request may bypass a firewall that would normally prevent direct access to the URL. The impact of this vulnerability can vary from unauthorized access to files and sensitive information to remote code execution.
References
Advisory Timeline
- Published
