4 matches found
CVE-2021-26625
Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. This vulnerability is caused by an automatic update function that does not verify input data except version information. Remote attackers can use this incomplete validation...
CVE-2021-26625
Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. This vulnerability is caused by an automatic update function that does not verify input data except version information. Remote attackers can use this incomplete validation...
CVE-2021-26625
The CVE-2021-26625 entry concerns the Nexacro platform (Tobesoft Nexacro). The root cause is an automatic update feature that does not verify input data beyond version information, enabling a remote attacker to download and execute arbitrary malicious files. Public details specify Nexacro/17.x va...
CVE-2021-26625 tobesoft Nexacro arbitrary file download vulnerability
Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. This vulnerability is caused by an automatic update function that does not verify input data except version information. Remote attackers can use this incomplete validation...