CVE-2025-11366 CRITICAL

CVE-2025-11366: N-central Authentication bypass via path traversal

Vendor N-Able

Product N-central

Weakness CWE-22 · Path traversal

Published November 12, 2025

Last update November 12, 2025

CVSS base score

9.4/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

What the vulnerability does

01Description

N-central < 2025.4 is vulnerable to authentication bypass via path traversal

Key dates

November 12, 2025 CVE published

November 12, 2025 Record updated

External resources

Related vulnerabilities