CVE-2025-7051

Summary

On N-central, it is possible for any authenticated user to read, write and modify syslog configuration across customers on an N-central server. This vulnerability is present in all deployments of N-central prior to 2025.2.

Affected Software

VendorProductVersion RangeStatus
N-ableN-central2024.6.0 <= 2024.6.16affected
N-ableN-central2025.1affected

Weaknesses

  • CWE-284: CWE-284

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References