Shodan
Vulnerabilities
Vulnerable Software
2n:  >> Access Commander  Security Vulnerabilities
CVE-2025-59784
2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation. This vulnerability can only be exploited after authenticating with administrator privileges.
CVSS Score
7.2
EPSS Score
0.0
Published
2026-03-04
CVE-2025-59785
Improper validation of API end-point in 2N Access Commander version 3.4.2 and prior allows attacker to bypass password policy for backup file encryption. This vulnerability can only be exploited after authenticating with administrator privileges.
CVSS Score
7.2
EPSS Score
0.0
Published
2026-03-04
CVE-2025-59786
2N Access Commander version 3.4.2 and prior improperly invalidates session tokens, allowing multiple session cookies to remain active after logout in web application.
CVSS Score
9.8
EPSS Score
0.0
Published
2026-03-04
CVE-2025-59787
2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving malformed or manipulated requests, indicating improper handling of invalid input and potential security or availability impacts.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-03-04
CVE-2025-59783
API endpoint for user synchronization in 2N Access Commander version 3.4.1 did not have a sufficient input validation allowing for OS command injection. This vulnerability can only be exploited after authenticating with administrator privileges.
CVSS Score
7.2
EPSS Score
0.004
Published
2026-03-04
CVE-2024-47255
In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges in the system which could allow for arbitrary code execution with root permissions.
CVSS Score
4.7
EPSS Score
0.0
Published
2024-11-05
CVE-2024-47254
In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data Authenticity vulnerability could allow an attacker to escalate their privileges and gain root access to the system.
CVSS Score
6.3
EPSS Score
0.002
Published
2024-11-05
CVE-2024-47253
In 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an attacker with administrative privileges to write files on the filesystem and potentially achieve arbitrary remote code execution. This vulnerability cannot be exploited by users with lower privilege roles.
CVSS Score
7.2
EPSS Score
0.046
Published
2024-11-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved