CVE-2025-59786

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions 2N Access Commander versions prior to 3.4.2

Description The web application does not properly invalidate session tokens, which allows multiple session cookies to remain active even after a user logs out. This can potentially allow unauthorized access.

Recommendations Update to a version later than 3.4.2.

Fix

Insufficient Session Expiration

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-613

Related Identifiers

CVE-2025-59786

Affected Products

2N Access Commander

CVE-2025-59786

Weakness Enumeration

Related Identifiers

Affected Products

References · 8