CVE-2025-11700

High CVSS: 8.4

N-central versions < 2025.4 are vulnerable to multiple XML External Entities injection leading to information disclosure

Vendor

Product

CWE

Yayın Tarihi

2025-11-12 16:15:35

Güncelleme

2025-12-15 15:15:47

Source Identifier

a5532a13-c4dd-4202-bef1-e0b8f2f8d12b

KEV Date Added

CWE-611 N-central HIGH N-able 2025

https://me.n-able.com/s/security-advisory/aArVy0000000rabKAA

Critical

CVE-2025-11366

N-central < 2025.4 is vulnerable to authentication bypass via path traversal

Critical

CVE-2025-11367

The N-central Software Probe < 2025.4 is vulnerable to Remote Code Execution via deserialization

High

CVE-2025-10231

An Incorrect File Handling Permission bug exists on the N-central Windows Agent and Probe that, in the right circumstanc…

High

CVE-2025-7051

On N-central, it is possible for any authenticated user to read, write and modify syslog configuration across customers…

Critical

CVE-2025-8875

Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-…

Critical

CVE-2025-8876

Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: be…