EUVD-2025-208276

API endpoint for user synchronization in 2N Access Commander version 3.4.1 did not have a sufficient input validation allowing for OS command injection. This vulnerability can only be exploited after authenticating with administrator privileges...

CVE-2025-59786

2N Access Commander version 3.4.2 and prior improperly invalidates session tokens, allowing multiple session cookies to remain active after logout in web application...

CVE-2025-59786

2N Access Commander version 3.4.2 and prior improperly invalidates session tokens, allowing multiple session cookies to remain active after logout in web application...

CVE-2025-59786

CVE-2025-59786 affects 2N Access Commander v3.4.2 and earlier. The root issue is improper invalidation of session tokens, allowing multiple session cookies to remain active after logout in the web application, which can enable unintended continued access for an authenticated user. The available C...

CVE-2025-59786

2N Access Commander version 3.4.2 and prior improperly invalidates session tokens, allowing multiple session cookies to remain active after logout in web application...

CVE-2025-59783 OS Command Injection over API

API endpoint for user synchronization in 2N Access Commander version 3.4.1 did not have a sufficient input validation allowing for OS command injection. This vulnerability can only be exploited after authenticating with administrator privileges...

CVE-2025-59783 OS Command Injection over API

API endpoint for user synchronization in 2N Access Commander version 3.4.1 did not have a sufficient input validation allowing for OS command injection. This vulnerability can only be exploited after authenticating with administrator privileges...

PT-2026-22935

2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving malformed or manipulated requests, indicating improper handling of invalid input and potential security or availability impacts...

2N OS 安全漏洞

2N OS is an operating system for access control systems from 2N. A security vulnerability exists in 2N OS that stems from a specially crafted packet handling flaw. An attacker exploiting the vulnerability could crash the device...

PT-2025-5853 · 2N · 2N Os

Name of the Vulnerable Software and Affected Versions: 2N OS affected versions not specified Description: The issue allows an authorized user to enable logging when using the API in the 2N OS device. This logging functionality discloses valid authentication tokens in the system log...

PT-2025-5859 · 2N · 2N Access Commander

Name of the Vulnerable Software and Affected Versions: 2N Access Commander versions 1.14 and older Description: The issue allows an attacker with Admin access privileges to read a hardcoded AES passphrase, which can be used to decrypt certain data within backup files. Recommendations: For 2N Acce...

2N Access Commander 安全漏洞

2N Access Commander is an access control solution from 2N. A security vulnerability exists in 2N Access Commander version 1.14 and prior versions that stems from allowing hard-coded AES passwords...

2N OS 安全漏洞

2N OS is an operating system for access control systems from 2N. A security vulnerability exists in 2N OS that stems from an unfiltered authentication token when logging is enabled. An attacker could exploit the vulnerability to obtain a valid token...

2N Access Commander 安全漏洞

2N Access Commander is an access control solution from 2N. A security vulnerability exists in 2N Access Commander version 3.1.1.2 and earlier, which stems from a path traversal vulnerability that could allow an attacker with administrative privileges to write to a file on the file system and...

CVE-2021-31399

On 2N Access Unit 2.0 2.31.0.40.5 devices, an attacker can pose as the web relay for a man-in-the-middle attack...

IBM QRadar SIEM and QRadar Incident Forensics Cross-Site Request Forgery Vulnerabilities

IBM QRadar SIEM and QRadar Incident Forensics are both products of IBM USA. The former is a suite of solutions that utilize security intelligence to protect assets and information from advanced threats; the latter is a suite of security forensic investigation software. A cross-site request forger...

IBM QRadar SIEM Sensitive Information Access Vulnerability

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A sensitive...

IBM Security QRadar Incident Forensics Unauthorized Access Vulnerability

IBM Security QRadar Incident Forensics is a suite of security forensic investigation software from IBM. The software supports in-depth forensic investigations of suspected malicious network security incidents, and repair network security vulnerabilities. An unauthorized access vulnerability exist...