Lucene search
K

5 matches found

CVE
CVE
added 2026/03/04 3:19 p.m.19 views

CVE-2025-59783

CVE-2025-59783 affects the API endpoint for user synchronization in 2N Access Commander 3.4.1 . The root cause is insufficient input validation, enabling an OS command injection . Exploitation requires authentication with administrator privileges . The CVSS 4.0 base score is 8.8 (HIGH) with netwo...

8.8CVSS5.9AI score0.0086EPSS
CVE
CVE
added 2026/03/04 3:26 p.m.17 views

CVE-2025-59784

2N Access Commander versions prior to 3.4.2 are affected by a log pollution flaw: certain API parameters are written into logs without validation, exploitable only with administrator privileges. Affected product/version: 2N Access Commander

7.2CVSS5.9AI score0.00286EPSS
CVE
CVE
added 2026/03/04 3:30 p.m.15 views

CVE-2025-59785

CVE-2025-59785 affects 2N Access Commander, with affected versions prior to 3.4.3. The root cause is improper validation of an API endpoint in the product, which can allow bypassing the password policy used for backup file encryption. Exploitation requires administrator privileges (authenticated ...

7.2CVSS5.9AI score0.00189EPSS
CVE
CVE
added 2026/03/04 3:30 p.m.12 views

CVE-2025-59786

CVE-2025-59786 affects 2N Access Commander, with version 3.4.2 and earlier. The root cause is improper invalidation of session tokens, allowing multiple session cookies to remain active after logout in the web application. Impact described across multiple sources includes potential unauthorized a...

9.8CVSS5.9AI score0.00254EPSS
CVE
CVE
added 2026/03/04 3:31 p.m.11 views

CVE-2025-59787

2N Access Commander, affected through version 3.4.2 and earlier, returns HTTP 500 on malformed or manipulated input, indicating improper input validation in the web-facing interface. The description notes potential security or availability impact but does not detail exploitable vectors beyond the...

6.5CVSS5.9AI score0.00191EPSS