CNNVD-202511-1418 Information

CNNVD ID

CNNVD-202511-1418

Related CVE

CVE-2025-11700

• CNNVD Published: 2025-11-12

Description (Chinese)

N-able N-central是加拿大N-able公司的一个 RMM 平台。为成熟的 MSP 和 IT 专业人员提供了大规模管理、自动化和编排功能。 N-able N-central 2025.4之前版本存在安全漏洞，该漏洞源于XML外部实体注入，可能导致信息泄露。

Description (English)

N-able N-central is a RMM platform for N-ables Canada. Large-scale management, automation and organization functions are provided to mature MSP and IT professionals. There was a security loophole in the pre-N-able N-central 2025.4 version, which originated from the injection of an outside XML entity and could lead to the disclosure of information.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

N-able

Published

2025-11-12

Last Modified

2026-02-24

References

https://me.n-able.com/s/security-advisory/aArVy0000000rabKAA https://me.n-able.com/s/security-advisory/aArVy0000000rabKAA/cve202511700-ncentral-importservicefromfile-xxe-injection

Patch

https://me.n-able.com/s/security-advisory/aArVy0000000rabKAA/cve202511700-ncentral-importservicefromfile-xxe-injection