Vulnerabilities > Tobesoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-26 | CVE-2021-26629 | Path Traversal vulnerability in Tobesoft Xplatform A path traversal vulnerability in XPLATFORM's runtime archive function could lead to arbitrary file creation. | 8.8 |
| 2022-04-19 | CVE-2021-26625 | Insufficient Verification of Data Authenticity vulnerability in Tobesoft Nexacro 17.1.2.500/17.1.2.600/17.1.3.301 Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. | 8.8 |
| 2022-04-19 | CVE-2021-26626 | Improper Input Validation vulnerability in Tobesoft Xplatform Improper input validation vulnerability in XPLATFORM's execBrowser method can cause execute arbitrary commands. | 8.8 |
| 2022-02-09 | CVE-2021-26613 | Improper Input Validation vulnerability in Tobesoft Nexacro improper input validation vulnerability in nexacro permits copying file to the startup folder using rename method. | 7.5 |
| 2021-11-30 | CVE-2021-26612 | Improper Input Validation vulnerability in Tobesoft Nexacro 14.0.0.0/14.0.1.3600/17.1.2.500 An improper input validation leading to arbitrary file creation was discovered in copy method of Nexacro platform. | 9.8 |
| 2021-10-26 | CVE-2021-26607 | Improper Input Validation vulnerability in Tobesoft Nexacro An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote attacker to execute arbitrary command on affected systems. | 9.8 |
| 2021-09-09 | CVE-2020-7874 | Download of Code Without Integrity Check vulnerability in Tobesoft Nexacro 14.0.0.0 Download of code without integrity check vulnerability in NEXACRO14 Runtime ActiveX control of tobesoft Co., Ltd allows the attacker to cause an arbitrary file download and execution. | 8.8 |
| 2021-07-20 | CVE-2020-7866 | Improper Input Validation vulnerability in Tobesoft Xplatform When using XPLATFORM 9.2.2.270 or earlier versions ActiveX component, arbitrary commands can be executed due to improper input validation | 9.8 |
| 2021-04-20 | CVE-2020-7857 | Improper Input Validation vulnerability in Tobesoft Xplatform A vulnerability of XPlatform could allow an unauthenticated attacker to execute arbitrary command. | 9.8 |
| 2021-03-24 | CVE-2020-7853 | Out-of-bounds Write vulnerability in Tobesoft Xplatform An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. | 9.8 |