2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving malformed or manipulated requests, indicating improper handling of invalid input
2N Access Commander version 3.4.2 and prior improperly invalidates session tokens, allowing multiple session cookies to remain active after logout in web application.
Improper validation of API end-point in 2N Access Commander version 3.4.2 and prior allows attacker to bypass password policy for backup file encryption.
This vulnerability can only be exploited after
API endpoint for user synchronization in 2N Access Commander version 3.4.1 did not have a sufficient input validation allowing for OS command injection.
This vulnerability can only be exploited after
In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient
Verification of Data Authenticity vulnerability could allow an attacker
to escalate their privileges and gain root access to the sy
2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation.
This vulnerability ca
In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges in the system which could allow for arbitrary
code execution with root permissions.
2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle attack due to not verifying certificates of 2N edge devices.
2N has currently released an updated
Systemic Internal Server Errors - HTTP 500 ResponseThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands via crafted web requests.
An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit (HTTP/2 MadeYouReset Attack).
Note: Softwa
Lack of Graceful Error Handling - HTTP 5xx ErrorThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.This issue affects:
Product
Affected Versions
LoadMaster
From
A vulnerability, which was classified as problematic, has been found in 70mai M300 up to 20250611. This issue affects some unknown processing of the component HTTP Server. The manipulation leads to in
Client-Side Enforcement of Server-Side Security (CWE-602) in the Command Centre Server allows a privileged operator to enter invalid competency data, bypassing expiry checks.
This issue affects Comm
A Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the
An uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Servi
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From
Page 1+ Next →