Lucene search
K

4 matches found

OSV
OSV
added 2022/04/19 9:15 p.m.3 views

CVE-2021-26625

Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. This vulnerability is caused by an automatic update function that does not verify input data except version information. Remote attackers can use this incomplete validation...

8.8CVSS6AI score0.00586EPSS
Exploits0References1
NVD
NVD
added 2022/04/19 9:15 p.m.25 views

CVE-2021-26625

Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. This vulnerability is caused by an automatic update function that does not verify input data except version information. Remote attackers can use this incomplete validation...

8.8CVSS0.00586EPSS
Exploits0References1
CVE
CVE
added 2022/04/19 8:26 p.m.90 views

CVE-2021-26625

The CVE-2021-26625 entry concerns the Nexacro platform (Tobesoft Nexacro). The root cause is an automatic update feature that does not verify input data beyond version information, enabling a remote attacker to download and execute arbitrary malicious files. Public details specify Nexacro/17.x va...

8.8CVSS9AI score0.00586EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/04/19 8:26 p.m.33 views

CVE-2021-26625 tobesoft Nexacro arbitrary file download vulnerability

Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. This vulnerability is caused by an automatic update function that does not verify input data except version information. Remote attackers can use this incomplete validation...

8.8CVSS9.1AI score0.00586EPSS
Exploits0References1
Rows per page
Query Builder