CVE-2025-8876

high-risk
Published 2025-08-14

Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1.

Do I need to act?

~
7.8% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

N-Able

References (2)

Release Notes https://status.n-able.com/2025/08/13/announcing-the-ga-of-n-central-2025-3-1/
US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-...
52
/ 100
high-risk
Severity 30/34 · Critical
Exploitability 17/34 · Moderate
Exposure 5/34 · Minimal