CVE-2025-15559

An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...

CVE-2025-15563

CVE-2025-15563 affects NesterSoft WorkTime on-prem when an unauthenticated user can send a specific HTTP request to reset the WorkTime database configuration due to a broken access control. The underlying issue is lack of authorization checks for configuration changes exposed via HTTP. Consequenc...

CVE-2025-15562

CVE-2025-15562 is a reflected cross-site scripting vulnerability affecting NesterSoft WorkTime. The issue occurs at the server API endpoint /report/internet/urls, which reflects user-supplied data into the HTML response without proper encoding or filtering. This can allow an attacker to execute a...

CVE-2025-15561 Local Privilege Escalation in NesterSoft WorkTime

An attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges on the local system to NT Authority\SYSTEM. A malicious executable must be named WTWatch.exe and dropped in the C:\ProgramData\wta\ClientExe directory, which is writable by "Everyone". The...

CVE-2025-15561

CVE-2025-15561 describes a local privilege escalation in NesterSoft WorkTime. An attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges to NT AUTHORITY\SYSTEM. The attack requires a malicious executable named WTWatch.exe to be dropped in the writable dire...

CVE-2025-15559 Unauthenticated OS Command Injection in NesterSoft WorkTime

An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...

CVE-2025-15559

The CVE describes an unauthenticated OS command injection in NesterSoft WorkTime, exploitable via the server API endpoint used to generate/download the WorkTime client, specifically in the risk-prone “guid” parameter. The underlying issue allows arbitrary commands to run on the WorkTime server wi...

NesterSoft WorkTime 安全漏洞

NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability that stems from unauthorized inspections, which may lead to the resetting of database configurations...

NesterSoft WorkTime 安全漏洞

NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability, which stems from an OS command injection vulnerability in the server API endpoint GUID parameter. This vulnerability could allow for the execution of...

NesterSoft WorkTime 安全漏洞

NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability that stems from improper encoding or filtering of data at the internet/urls endpoint, which may lead to cross-site scripting attacks...

NesterSoft WorkTime 安全漏洞

NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability, which stems from an SQL injection vulnerability in the widget API endpoint. This vulnerability could lead to data leaks or the execution of arbitrary...

NesterSoft WorkTime 安全漏洞

NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability, which stems from a flaw in the monitoring of the daemon’s update behavior, potentially leading to an increase in local privileges...