SolarWinds N-Central Cross-Site Request Forgery Vulnerability

SolarWinds N-Central is an IT device management platform from SolarWinds Singapore. The platform provides proactive monitoring of everything on a customer's network, not just servers and workstations, and rapid troubleshooting using features such as MFA, antivirus, integrated endpoint detection a...

SolarWinds N-Central Trust Management Issue Vulnerability

SolarWinds N-Central is an IT device management platform from SolarWinds Singapore. The platform provides proactive monitoring of everything on a customer's network, not just servers and workstations, and rapid troubleshooting using features such as MFA, antivirus, integrated endpoint detection a...

SolarWinds N-Central Relative Path Traversal Vulnerability

SolarWinds N-Central is a remote monitoring and management automation solution for managed service providers and IT professionals. A relative path traversal vulnerability exists in the AdvancedScripts HTTP endpoint in SolarWinds N-Central 12.3.0.670. An attacker can exploit the vulnerability to...

SolarWinds N-Central Access Control Error Vulnerability

SolarWinds N-Central is an IT device management platform from SolarWinds Singapore. The platform provides proactive monitoring of everything on a customer's network, not just servers and workstations, and rapid troubleshooting using features such as MFA, antivirus, integrated endpoint detection a...

Design/Logic Flaw

An issue was discovered in SolarWinds N-Central 12.3.0.670. The sudo configuration has incorrect access control because the nable web user account is effectively able to run arbitrary OS commands as root i.e., the use of root privileges is not limited to specific programs listed in the sudoers fi...

CVE-2020-25622

SolarWinds N-Central 12.3.0.670 contains a Cross-Site Request Forgery (CSRF) vulnerability in the AdvancedScripts HTTP endpoint. The issue allows CSRF by remote attackers via the affected endpoint, potentially impacting confidentiality, integrity, and availability (CVSS3.1: HIGH, 8.8). The root c...

CVE-2020-25617

SolarWinds N-Central 12.3.0.670 contains a relative path traversal flaw in the AdvancedScripts HTTP endpoint . An authenticated user can exploit this to execute OS commands as root via the NAC interface, as described across multiple sources (NVD/Red Hat/CNVD listings). The root cause is path trav...

SolarWinds N-Central 授权问题漏洞

SolarWinds N-Central is an IT device management platform from SolarWinds Singapore. The platform provides proactive monitoring of everything on a customer's network, not just servers and workstations, and rapid troubleshooting using features such as MFA, antivirus, integrated endpoint detection a...

SolarWinds N-Central 跨站请求伪造漏洞

SolarWinds N-Central is an IT device management platform from SolarWinds Singapore. The platform provides proactive monitoring of everything on a customer's network, not just servers and workstations, and rapid troubleshooting using features such as MFA, antivirus, integrated endpoint detection a...

SolarWinds N-Central 操作系统命令注入漏洞

SolarWinds N-Central is an IT device management platform from SolarWinds Singapore. The platform provides proactive monitoring of everything on a customer's network, not just servers and workstations, and rapid troubleshooting using features such as MFA, antivirus, integrated endpoint detection a...