Every CVE whose affected-product data names 2n Access Commander, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2025-59786 — CVSS 9.8 (critical): 2N Access Commander version 3.4.2 and prior improperly invalidates session tokens, allowing multiple session cookies to remain active after…
CVE-2024-47253 — CVSS 7.2 (high): In 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an attacker with administrative privileges to…
CVE-2025-59783 — CVSS 7.2 (high): API endpoint for user synchronization in 2N Access Commander version 3.4.1 did not have a sufficient input validation allowing for OS…
CVE-2025-59784 — CVSS 7.2 (high): 2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs…
CVE-2025-59785 — CVSS 7.2 (high): Improper validation of API end-point in 2N Access Commander version 3.4.2 and prior allows attacker to bypass password policy for backup…
CVE-2025-59787 — CVSS 6.5 (medium): 2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving malformed or…
CVE-2024-47254 — CVSS 6.3 (medium): In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data Authenticity vulnerability could allow an attacker…
CVE-2024-47255 — CVSS 4.7 (medium): In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges in the system which could allow for…