45 matches found
CVE-2025-15561 Local Privilege Escalation in NesterSoft WorkTime
An attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges on the local system to NT Authority\SYSTEM. A malicious executable must be named WTWatch.exe and dropped in the C:\ProgramData\wta\ClientExe directory, which is writable by "Everyone". The...
CVE-2025-15561
CVE-2025-15561 concerns the WorkTime monitoring daemon. An attacker can escalate local privileges to NT AUTHORITY\SYSTEM by placing a malicious WTWatch.exe into C:\ProgramData\wta\ClientExe (writable by Everyone); the daemon then executes it with SYSTEM privileges due to its update behavior. Affe...
CVE-2025-15561 Local Privilege Escalation in NesterSoft WorkTime
An attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges on the local system to NT Authority\SYSTEM. A malicious executable must be named WTWatch.exe and dropped in the C:\ProgramData\wta\ClientExe directory, which is writable by "Everyone". The...
CVE-2025-15560 SQL Injection in NesterSoft WorkTime
An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...
CVE-2025-15560
An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...
CVE-2025-15560 SQL Injection in NesterSoft WorkTime
An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...
CVE-2025-15560
CVE-2025-15560 : An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server “widget” API endpoint to inject SQL queries. If the backend uses Firebird , the attacker can retrieve all data from the database. If the backend uses MSSQL , the attacker can exe...
CVE-2025-15559 Unauthenticated OS Command Injection in NesterSoft WorkTime
An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...
CVE-2025-15559 Unauthenticated OS Command Injection in NesterSoft WorkTime
An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...
CVE-2025-15559
An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...
CVE-2025-15559
Summary: CVE-2025-15559 affects NesterSoft WorkTime. An unauthenticated OS command injection in the server API endpoint used to generate/download the WorkTime client (parameter: “guid”) allows execution of arbitrary commands on the WorkTime server with NT AUTHORITY\SYSTEM privileges, potentially ...
NesterSoft WorkTime 安全漏洞
NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability, which stems from an SQL injection vulnerability in the widget API endpoint. This vulnerability could lead to data leaks or the execution of arbitrary...
NesterSoft WorkTime 安全漏洞
NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability, which stems from an OS command injection vulnerability in the server API endpoint GUID parameter. This vulnerability could allow for the execution of...
PT-2026-20798
An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...
PT-2026-20799
An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...
NesterSoft WorkTime 安全漏洞
NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability that stems from improper encoding or filtering of data at the internet/urls endpoint, which may lead to cross-site scripting attacks...
NesterSoft WorkTime 安全漏洞
NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability, which stems from a flaw in the monitoring of the daemon’s update behavior, potentially leading to an increase in local privileges...
NesterSoft WorkTime 安全漏洞
NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability that stems from unauthorized inspections, which may lead to the resetting of database configurations...
PT-2026-20802
Any unauthenticated user can reset the WorkTime on-prem database configuration by sending a specific HTTP request to the WorkTime server. No authorization check is applied here...
PT-2026-20800
An attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges on the local system to NT AuthoritySYSTEM. A malicious executable must be named WTWatch.exe and dropped in the C:ProgramDatawtaClientExe directory, which is writable by "Everyone". The executable...