CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47255
https://notcve.org/view.php?id=CVE-2024-47255
In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges in the system which could allow for arbitrary code execution with root permissions. En las versiones 3.1.1.2 y anteriores de 2N Access Commander, un atacante local puede escalar sus privilegios en el sistema, lo que podría permitir la ejecución de código arbitrario con permisos de root. • https://www.2n.com/en-GB/about-2n/cybersecurity https://www.2n.com/en-GB/download/Access-Commander-Security-Advisory-2024-11 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47254
https://notcve.org/view.php?id=CVE-2024-47254
In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data Authenticity vulnerability could allow an attacker to escalate their privileges and gain root access to the system. En las versiones 3.1.1.2 y anteriores de 2N Access Commander, una vulnerabilidad de verificación insuficiente de la autenticidad de los datos podría permitir que un atacante aumente sus privilegios y obtenga acceso de root al sistema. • https://www.2n.com/en-GB/about-2n/cybersecurity https://www.2n.com/en-GB/download/Access-Commander-Security-Advisory-2024-11 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47253
https://notcve.org/view.php?id=CVE-2024-47253
In 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an attacker with administrative privileges to write files on the filesystem and potentially achieve arbitrary remote code execution. This vulnerability cannot be exploited by users with lower privilege roles. En las versiones 3.1.1.2 y anteriores de 2N Access Commander, una vulnerabilidad de path traversal podría permitir a un atacante escribir archivos en el sistema de archivos para lograr la ejecución remota de código arbitrario. • https://www.2n.com/en-GB/about-2n/cybersecurity https://www.2n.com/en-GB/download/Access-Commander-Security-Advisory-2024-11 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •