Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

N-Able — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting N-Able. AI-powered Chinese analysis, POCs, and references for each vulnerability.

N-Able provides remote monitoring and management software for IT service providers, enabling centralized control of client endpoints and networks. Historically, its vulnerabilities have commonly included remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and access controls. The company has faced multiple security incidents, including a 2021 data breach affecting MSP partners and their customers, and recurring authentication bypass issues in various products. Despite these challenges, N-Able maintains a significant market presence in the managed services sector, though its security track record suggests a need for stronger development practices and timely patch management.

Top products by N-Able: N-central AutomationManagerAgent Ecosystem Agent
CVE IDTitleCVSSSeverityPublished
CVE-2025-11367 N-central windows software probe Remote Code Execution — N-centralCWE-502 9.8 -2025-11-12
CVE-2025-11366 N-central Authentication bypass via path traversal — N-centralCWE-22 9.8 -2025-11-12
CVE-2025-11700 N-central Multiple XXE Injection Vulnerabilities — N-centralCWE-611 7.5 -2025-11-12
CVE-2025-9316 N-central unauthenticated sessionID generation — N-centralCWE-1284 6.5 -2025-11-12
CVE-2025-10231 N-central Incorrect Default Permissions could lead to Privilege Escalation — N-centralCWE-276 7.0 High2025-09-10
CVE-2025-7051 N-central Syslog Configuration Insecure Direct Object Reference — N-centralCWE-284 8.3 High2025-08-21
CVE-2025-8875 Insecure Deserialization Vulnerability — N-centralCWE-502 7.8AIHighAI2025-08-14
CVE-2025-8876 Command Injection Vulnerability — N-centralCWE-20 9.8AICriticalAI2025-08-14
CVE-2024-8510 N-central Path Traversal — N-centralCWE-22 5.3 Medium2025-03-17
CVE-2024-5445 Ecosystem Agent Insufficient Transport Layer Security — Ecosystem AgentCWE-295 3.8 Low2024-08-08
CVE-2024-28200 N-central Authentication Bypass — N-centralCWE-288 9.1 Critical2024-07-01
CVE-2024-5322 N-central Authentication Bypass via Session Rebinding — N-centralCWE-288 9.1 Critical2024-07-01
CVE-2023-37244 Privilege escalation in N-Able's AutomationManagerAgent — AutomationManagerAgentCWE-362 5.3 Medium2024-05-02

This page lists every published CVE security advisory associated with N-Able. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.