CVE-2025-9316

EXPLOITED NUCLEI

N-central <2025.4 - Info Disclosure

Title source: llm

Description

N-central < 2025.4 can generate sessionIDs for unauthenticated users This issue affects N-central: before 2025.4.

Exploits (2)

nomisec WORKING POC 2 stars
by horizon3ai · remote
https://github.com/horizon3ai/n-able_n-central_xxe_file_read
nomisec WORKING POC
by zyyyys123 · poc
https://github.com/zyyyys123/CVE-2025-9316_CVE-2025-11700

Nuclei Templates (1)

N-central - Authentication Bypass
MEDIUMVERIFIEDby DhiyaneshDK,horizon3ai
Shodan: http.title:"N-central Login"

References (1)

Scores

EPSS 0.8135
EPSS Percentile 99.1%

Exploitation Intel

VulnCheck KEV 2025-12-15

Classification

CWE
CWE-1284
Status draft

Timeline

Published Nov 12, 2025
Tracked Since Feb 18, 2026