Tobesoft Nexacro17 vulnerabilities
2 known vulnerabilities affecting tobesoft/nexacro17.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2021-26607P2CRITICALCVSS 9.8≥ 17.1.3.301, ≤ 17.1.3.3012021-10-26
CVE-2021-26607 [CRITICAL] CWE-20 CVE-2021-26607: An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote attacker to e
An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote attacker to execute arbitrary command on affected systems.
nvd
CVE-2021-26612P3CRITICALCVSS 9.8≥ 17.1.2.500, ≤ 17.1.2.5002021-11-30
CVE-2021-26612 [CRITICAL] CWE-20 CVE-2021-26612: An improper input validation leading to arbitrary file creation was discovered in copy method of Nex
An improper input validation leading to arbitrary file creation was discovered in copy method of Nexacro platform. Remote attackers use copy method to execute arbitrary command after the file creation included malicious code.
nvd