CVE-2025-59784
Received Received - Intake
Log Pollution in 2N Access Commander API via Admin Input

Publication date: 2026-03-04

Last updated on: 2026-03-05

Assigner: be69f613-e5f6-419b-800c-30351aa8933c

Description
2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation. This vulnerability can only be exploited after authenticating with administrator privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-04
Last Modified
2026-03-05
Generated
2026-06-16
AI Q&A
2026-03-04
EPSS Evaluated
2026-06-15
NVD
CVE-2025-59784
EUVD
EUVD-2025-208277
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
2n access_commander to 3.4.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-117 The product constructs a log message from external input, but it does not neutralize or incorrectly neutralizes special elements when the message is written to a log file.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability affects 2N Access Commander version 3.4.1 and earlier. It is a log pollution issue where certain parameters sent over the API may be recorded in the system logs without proper validation or sanitisation.

This means that malicious or malformed data could be inserted into logs, potentially causing confusion or hiding malicious activity.

Exploitation requires the attacker to have authenticated administrator privileges.

Impact Analysis

This vulnerability can lead to log pollution, which may obscure important log entries or inject misleading information into logs.

As a result, it can hinder incident detection and response efforts, making it harder to identify unauthorized activities or troubleshoot issues.

Since exploitation requires administrator access, the impact is limited to users with high privileges, but it still poses a risk to system integrity and monitoring.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-59784. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart