CVE-2025-59706 | N2W up to 4.3.1/4.4.0 API Request privilege escalation

Inserito da Angelo Barbosa | Mar 25, 2026 | CVE

A vulnerability was found in N2W up to 4.3.1/4.4.0. It has been declared as critical. Affected by this issue is some unknown functionality of the component API Request Handler. Such manipulation leads to privilege escalation.

This vulnerability is documented as CVE-2025-59706. The attack can be executed remotely. There is not any exploit available.

It is recommended to upgrade the affected component.

CVE-2025-59706 | N2W up to 4.3.1/4.4.0 API Request privilege escalation

Post correlati

CVE-2024-8880 | playSMS 1.4.4/1.4.5/1.4.6/1.4.7 Template index.php username/email/captcha code injection

CVE-2024-25718 | Samly up to 1.3.x on Elixir Samly.State.Store.get_assertion session expiration

CVE-2025-5228 | D-Link DI-8100 up to 20250523 jhttpd /login.cgi httpd_get_parm notify stack-based overflow

CVE-2025-61659 | magicmonty bash-git-prompt up to 2.7.1 /tmp/git-index-private$$ temp file (Issue 561)