Lucene search
+L

80 matches found

Vulnrichment
Vulnrichment
added 2025/08/14 2:56 p.m.4 views

CVE-2025-8875 Insecure Deserialization Vulnerability

Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1...

9.4CVSS7.3AI score0.01588EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/08/14 2:53 p.m.15 views

CVE-2025-8876 Command Injection Vulnerability

Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1...

9.4CVSS0.03092EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/08/14 2:53 p.m.2 views

CVE-2025-8876 Command Injection Vulnerability

Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1...

9.4CVSS7.3AI score0.03092EPSS
Exploits1References1
EUVD
EUVD
added 2025/08/14 2:53 p.m.6 views

EUVD-2025-24822

Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1...

9.4CVSS7.3AI score0.03092EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2025/08/14 4:2 a.m.13 views

CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added two security flaws impacting N-able N-central to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. N-able N-central is a Remote Monitoring and Management RMM platform designed...

9.4CVSS9.6AI score0.8593EPSS
Exploits19
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.5 views

N-able N-central 安全漏洞

N-able N-central is an RMM platform from N-able Canada Inc. provides large-scale management, automation and orchestration capabilities for sophisticated MSPs and IT professionals. A security vulnerability exists in N-able N-central versions prior to 2025.3.1 that stems from the fact that...

9.4CVSS7.4AI score0.01588EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.8 views

N-able N-central 操作系统命令注入漏洞

N-able N-central is an RMM platform from N-able Canada Inc. provides large-scale management, automation and orchestration capabilities for sophisticated MSPs and IT professionals. A security vulnerability exists in N-able N-central versions prior to 2025.3.1, which stems from insufficient input...

9.4CVSS7AI score0.03092EPSS
Exploits1References2
CISA
CISA
added 2025/08/13 12:0 p.m.18 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-8875link is external N-able N-central Insecure Deserialization Vulnerability CVE-2025-8876link is external N-able N-central Command Injection Vulnerability...

9.4CVSS7.7AI score0.03092EPSS
In wildExploits1References7
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.3 views

PT-2025-33076

Name of the Vulnerable Software and Affected Versions: N-able N-central versions prior to 2025.3.1 Description: Improper Input Validation in N-able N-central allows for OS Command Injection. This issue enables the execution of arbitrary operating system commands due to insufficient validation of...

9.4CVSS7.3AI score0.03092EPSS
Exploits1References47
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.8 views

PT-2025-33075

Name of the Vulnerable Software and Affected Versions: N-able N-Central versions prior to 2025.3.1 N-able N-Central versions prior to 2024.6 Hotfix 2 Description: A deserialization of untrusted data issue exists in N-able N-Central, potentially allowing for local execution of code. This...

9.4CVSS7AI score0.01588EPSS
Exploits1References53
VulnCheck KEV
VulnCheck KEV
added 2025/08/13 12:0 a.m.9 views

VulnCheck KEV: CVE-2025-8875

Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1...

9.4CVSS5.8AI score0.03092EPSS
In wildExploits1References8
VulnCheck KEV
VulnCheck KEV
added 2025/08/13 12:0 a.m.10 views

VulnCheck KEV: CVE-2025-8876

Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1...

9.4CVSS5.8AI score0.03092EPSS
In wildExploits1References8
CISA KEV Catalog
CISA KEV Catalog
added 2025/08/13 12:0 a.m.11 views

N-able N-Central Command Injection Vulnerability

N-able N-Central contains a command injection vulnerability via improper sanitization of user input...

9.4CVSS7.8AI score0.03092EPSS
In wildExploits1
RedhatCVE
RedhatCVE
added 2025/05/23 5:16 a.m.8 views

CVE-2023-47131

The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file...

7.5CVSS6.5AI score0.00497EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:15 a.m.7 views

CVE-2023-47132

An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain escalated privileges via API calls...

9.8CVSS7.2AI score0.00551EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:42 a.m.7 views

CVE-2023-30297

An issue found in N-able Technologies N-central Server before 2023.4 allows a local attacker to execute arbitrary code via the monitoring function of the server...

7CVSS7.6AI score0.00167EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:32 a.m.6 views

CVE-2023-27470

BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportServiceN-Central\PushUpdates, leading to arbitrary file deletion...

7CVSS7AI score0.00537EPSS
Exploits2References1
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.6 views

The vulnerability of the N-able N-central monitoring and management platform for IT infrastructure lies in the incorrect restriction on the path name to the catalog, allowing attackers to read arbitrary files.

The vulnerability of the N-able N-central monitoring and management platform relates to an incorrect limitation on the path name for the /WEB-INF directory in the Apache Tomcat application. Exploiting this vulnerability allows a malicious actor to read arbitrary files...

5.3CVSS5.6AI score0.00373EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 12:57 a.m.8 views

CVE-2024-28200

The N-central server is vulnerable to an authentication bypass of the user interface. This vulnerability is present in all deployments of N-central prior to 2024.2. This vulnerability was discovered through internal N-central source code review and N-able has not observed any exploitation in the...

9.8CVSS7.3AI score0.01946EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.6 views

N-able Ecosystem Agent 安全漏洞

N-able Ecosystem Agent is an agent system from N-able Canada. A security vulnerability exists in N-able Ecosystem Agent that stems from not properly validating SSL/TLS certificates, which could allow a malicious actor to perform man-in-the-middle operations and intercept traffic between the agent...

3.8CVSS6.6AI score0.00295EPSS
Exploits0References4
Rows per page
Query Builder