CVE-2025-59784

Medium CVSS: 6.9

2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation.
This vulnerability can only be exploited after authenticating with administrator privileges.

Vendor

Product

Access Commander

CWE

CWE-117

Yayın Tarihi

2026-03-04 16:16:25

Güncelleme

2026-03-05 15:02:20

Source Identifier

be69f613-e5f6-419b-800c-30351aa8933c

KEV Date Added

Kategoriler

CWE-117 Access Commander MEDIUM 2n 2026

Referanslar

https://www.2n.com/en-GB/download/cve_2025_59784_acom_3_5_v1pdf

Benzer Kayıtlar

Medium

CVE-2025-59785

Improper validation of API end-point in 2N Access Commander version 3.4.2 and prior allows attacker to bypass password p…

Medium

CVE-2025-59786

2N Access Commander version 3.4.2 and prior improperly invalidates session tokens, allowing multiple session cookies to…

Medium

CVE-2025-59787

2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving…

High

CVE-2025-59783

API endpoint for user synchronization in 2N Access Commander version 3.4.1 did not have a sufficient input validation al…