## https://sploitus.com/exploit?id=98E76415-A5CB-5346-9AB1-187C8880BE12
# n8n Expression Injection RCE Analysis (CVE-2025-68613)

This repo contains the lab report I prepared for exploiting the vulnerable n8n service available on the Hackviser platform.

In the study, I demonstrated how I performed a sandbox escape by using the expression evaluation mechanism on n8n and gained unauthorized access to a sensitive file (/secret.txt) in the server’s root directory. This process clearly reveals the practical impact of the A03:2021-Injection vulnerability listed in the OWASP Top 10.

The exploitation steps, details of the payload I used, and my recommendations on how to secure the system are included in the report.md file.