Cyber Posture

CVE-2025-59706

CriticalUpdated

Published: 25 March 2026

Published
25 March 2026
Modified
25 April 2026
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0031 54.0th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-59706 is a critical-severity Authentication Bypass by Spoofing (CWE-290) vulnerability in N2Ws N2W. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 46.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Directly requires implementation of input validation mechanisms at API request points to prevent remote code execution from specially crafted parameters.

SI-2 Flaw Remediation good match
prevent

Ensures timely flaw remediation by patching the improper API parameter validation vulnerability in affected N2W versions.

SI-9 Information Input Restrictions partial match
prevent

Enforces restrictions on API input parameters such as types, ranges, and formats to block malicious requests that bypass validation.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

The vulnerability allows unauthenticated remote code execution via crafted API requests on a public-facing application, directly mapping to T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API request parameters enables remote code execution.

Deeper analysisAI

CVE-2025-59706 is a critical vulnerability in N2W software versions prior to 4.3.2 and 4.4.0 prior to 4.4.1, stemming from improper validation of API request parameters that enables remote code execution. Assigned CWE-290, it received a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) upon publication on March 25, 2026.

Remote attackers require only network access to the vulnerable N2W instance, with no authentication, privileges, or user interaction needed. By sending specially crafted API requests, they can achieve arbitrary code execution, resulting in high-impact compromise of confidentiality, integrity, and availability on the affected system.

Vendor advisories, including the security update on the N2W blog and release notes for version 4.3.2, recommend upgrading to N2W 4.3.2 or 4.4.1 to mitigate the issue, as detailed in the referenced documentation.

Details

CWE(s)
CWE-290

Affected Products

n2ws
n2w
≤ 4.3.2

CVEs Like This One

CVE-2025-59707Same product: N2Ws N2W
CVE-2025-54576Shared CWE-290
CVE-2026-21862Shared CWE-290
CVE-2018-25316Shared CWE-290
CVE-2026-33131Shared CWE-290
CVE-2025-69401Shared CWE-290
CVE-2026-40575Shared CWE-290
CVE-2026-28465Shared CWE-290
CVE-2025-59385Shared CWE-290
CVE-2026-33661Shared CWE-290

References