N-able N-central OS Command Injection before 2025.3.1
CVE-2025-8876 Published on August 14, 2025
Command Injection Vulnerability
Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1.
Known Exploited Vulnerability
This N-able N-Central Command Injection Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. N-able N-Central contains a command injection vulnerability via improper sanitization of user input.
The following remediation steps are recommended / required by August 20, 2025: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Weakness Type
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2025-8876
Want to know whenever a new CVE is published for N Able N Central? stack.watch will email you.
Affected Versions
N-able N-central:- Before 2025.3.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.