CVE-2025-8875 PoC — Insecure Deserialization Vulnerability

Source

https://github.com/rxerium/CVE-2025-8875-CVE-2025-8876

Associated Vulnerability

Title:Insecure Deserialization Vulnerability (CVE-2025-8875)
Description:Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1.

Description

Detection for CVE-2025-8875 & CVE-2025-8876

Readme

# CVE-2025-8875 & CVE-2025-8876

 ## How does this detection method work?

Version detection template - anything running 2025.3.1.9 or older is considered vulnerable to CVE-2025-8875 & CVE-2025-8876

 ## How do I run this script?

1. Download Nuclei from [here](https://github.com/projectdiscovery/nuclei)
2. Copy the template to your local system
3. Run the following command: `nuclei -u https://yourHost.com -t template.yaml` 

![Untitled](https://github.com/user-attachments/assets/2d4f81e5-00a9-45f7-ab88-bd6e94ec9761)

## References

- https://status.n-able.com/2025/08/13/announcing-the-ga-of-n-central-2025-3-1/
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog


## Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

## Contact

Feel free to reach out to me on [Signal](https://signal.me/#eu/0Qd68U1ivXNdWCF4hf70UYFo7tB0w-GQqFpYcyV6-yr4exn2SclB6bFeP7wTAxQw) if you have any questions.

File Snapshot


 [4.0K]  /data/pocs/c2f6bce847d0c01e196b4f45ffa483759ff3cfcd
├── [ 827]  CVE-2025-8875.yaml
├── [ 827]  CVE-2025-8876.yaml
└── [1012]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!