Primary

Context

N2W Remote Code Execution and Credential Theft Vulnerability

Vulnerability

A spoofing vulnerability in N2W versions prior to 4.3.2 and in the 4.4.x series prior to 4.4.1, could allow an attacker with insider access to spoof requests. This could potentially lead to remote code execution or theft of account credentials.

Impact

Exploitation of this vulnerability could result in unauthorized remote code execution or theft of account credentials.

Remediation

Users are advised to upgrade to N2W version 4.4.1 or 4.3.2. Additionally, review and apply proper security hardening measures to worker nodes.

Added: Mar 25, 2026, 3:24 PM

Updated: Mar 25, 2026, 3:24 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

3.5

remediation

0.0

relevance

4.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

3.5

remediation

0.0

relevance

4.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

N2W Remote Code Execution and Credential Theft Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating