exploitDog

CVE-2025-59785

Опубликовано: 04 мар. 2026

Источник: nvd

CVSS3: 7.2

EPSS Низкий

Описание

Improper validation of API end-point in 2N Access Commander version 3.4.2 and prior allows attacker to bypass password policy for backup file encryption. This vulnerability can only be exploited after authenticating with administrator privileges.

Ссылки

https://www.2n.com/en-GB/download/cve_2025_59785_acom_3_5_v1pdf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:2n:access_commander:*:*:*:*:*:*:*:*

Версия до 3.5 (исключая)

EPSS

Процентиль: 12%

0.00041

Низкий

7.2 High

CVSS3

Дефекты

CWE-1286

Связанные уязвимости

GHSA-2369-45jq-xgc9

CVSS3: 7.2

github

22 дня назад

Improper validation of API end-point in 2N Access Commander version 3.4.2 and prior allows attacker to bypass password policy for backup file encryption. This vulnerability can only be exploited after authenticating with administrator privileges.

EPSS

Процентиль: 12%

0.00041

Низкий

7.2 High

CVSS3

Дефекты

CWE-1286