CVE-2025-59707
Awaiting Analysis
Awaiting Analysis - Queue
Spoofing Vulnerability in N2W Leads to Remote Code Execution
Publication date: 2026-03-25
Last updated on: 2026-04-25
Assigner: MITRE
Description
Description
In N2W before 4.3.2 and 4.4.x before 4.4.1, there is potential remote code execution and account credentials theft because of a spoofing vulnerability.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| n2ws | n2w | to 4.3.2 (exc) |
| n2ws | n2w | 4.4.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-290 | This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in N2W versions before 4.3.2 and 4.4.x before 4.4.1. It is a spoofing vulnerability that can potentially allow remote code execution and theft of account credentials.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized remote code execution, which means an attacker could run malicious code on your system remotely. Additionally, it can result in the theft of account credentials, potentially compromising user accounts and system security.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70