PT-2026-22931 · 2N · 2N Access Commander
Published
2026-03-04
·
Updated
2026-03-04
·
CVE-2025-59784
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
2N Access Commander versions prior to 3.4.2
Description
The 2N Access Commander software contains a flaw related to insufficient validation of data written to logs. Specifically, certain parameters received through the API are included in log files without proper sanitization. Exploitation requires administrator privileges. The issue allows for log injection, tampering, and forging.
Recommendations
Update 2N Access Commander to version 3.4.2 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
2N Access Commander