Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
2N Access Commander: Password Bypass in Backup File Encryption
CVE-2025-59785
Summary
An attacker with admin access can bypass password requirements for encrypted backup files in 2N Access Commander versions 3.4.2 and earlier. This is a concern for organizations that rely on 2N Access Commander for security and data protection. To protect against this, update to the latest version of the software or apply a patch to affected systems.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| 2n | access_commander | <= 3.5 | – |
Original title
Improper validation of API end-point in 2N Access Commander version 3.4.2 and prior allows attacker to bypass password policy for backup file encryption.
This vulnerability can only be exploited af...
Original description
Improper validation of API end-point in 2N Access Commander version 3.4.2 and prior allows attacker to bypass password policy for backup file encryption.
This vulnerability can only be exploited after authenticating with administrator privileges.
This vulnerability can only be exploited after authenticating with administrator privileges.
nvd CVSS3.1
7.2
nvd CVSS4.0
5.3
Vulnerability type
CWE-1286
- https://www.2n.com/en-GB/download/cve_2025_59785_acom_3_5_v1pdf Vendor Advisory
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026