According to statistics from the Shadowserver Foundation, an organization that tracks vulnerability statistics in collaboration with the UK government, there are still more than 780 vulnerable N-central servers exposed to the internet based on unique IP count, with the majority in North America (415) and Europe (239). Meanwhile the Shodan internet device search engine shows over 3,000 results for N-central.
The risk is particularly high because N-central is a product aimed at MSPs who then use it to manage and monitor the environments of thousands of small and midsize businesses. The product’s developer, N-able, is SolarWinds’ previous MSP business that was spun off into a separate company in 2021.
MSPs and RMMs software offer prime targets
While there aren’t many details about the two vulnerabilities, one is described as a command injection flaw via improper sanitization of user input (CVE-2025-8876) and the other as an insecure deserialization vulnerability that could lead to command execution (CVE-2025-8875).
