Primary

Context

N-central Path Traversal Vulnerability Allowing Unintended Access to WEB-INF Directory

Vulnerability

Patched

A path traversal vulnerability has been identified in N-central, allowing unauthorized access to the Apache Tomcat WEB-INF directory. This issue affects all N-central deployments prior to version 2024.6. While customer data is not exposed, the vulnerability could be exploited to access sensitive application files or configurations.

Impact

Exploitation of this vulnerability could lead to unauthorized access to the WEB-INF directory, where sensitive application files and configurations are stored.

Remediation

Users can upgrade to N-central version 2024.6 or higher to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

7.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

7.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

N-central Path Traversal Vulnerability Allowing Unintended Access to WEB-INF Directory

Vulnerability

Impact

Remediation

Affected Products

N-able N-central

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating