VIR Vulnerability Intelligence Relay

CVE-2025-8876

unknown KEV
Published 2025-08-13 · Modified 2025-08-13
CVSS v3
CVSS v2
VIR risk
1.5

Description

N-able N-Central contains a command injection vulnerability via improper sanitization of user input.

CISA KEV

Vendor
N-able
Product
N-Central
Due date
2025-08-20

Predictions

Exploit likelihood
99%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://status.n-able.com/2025/08/13/announcing-the-ga-of-n-central-2025-3-1/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-8876

Exploits

References

Verify integrity in audit chain (admin only). AS-IS.