7.2
CVE-2025-59784
- EPSS 0.29%
- Veröffentlicht 04.03.2026 15:26:47
- Zuletzt bearbeitet 05.03.2026 15:02:20
- Quelle be69f613-e5f6-419b-800c-30351a
- CVE-Watchlists
- Unerledigt
Log Pollution - Control Characters Not Escaped
2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation. This vulnerability can only be exploited after authenticating with administrator privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
2n ≫ Access Commander Version < 3.4.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.29% | 0.201 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| be69f613-e5f6-419b-800c-30351aa8933c | 6.9 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-117 Improper Output Neutralization for Logs
The product does not neutralize or incorrectly neutralizes output that is written to logs.
https://www.2n.com/en-GB/download/cve_2025_59784_acom_3_5_v1pdf