High severity7.5NVD Advisory· Published Nov 11, 2024· Updated Apr 15, 2026

CVE-2024-48939

Description

Insufficient validation performed on the REST API License file in Paxton Net2 before 6.07.14023.5015 (SR4) enables use of the REST API with an invalid License File. Attackers may be able to retrieve access-log data.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

seclists.org/fulldisclosure/2024/Oct/3nvd
github.com/gitaware/CVE/blob/main/CVE-2024-48939/20241020_vuln_discl_paxton_API_license.pdfnvd
paxton-access.co.uknvd
seclists.org/fulldisclosure/2024/Oct/3nvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000