Vulnerabilities > Tobesoft > Nexacro > 14.0.1.3600

DATE CVE VULNERABILITY TITLE RISK
2021-11-30 CVE-2021-26612 Improper Input Validation vulnerability in Tobesoft Nexacro 14.0.0.0/14.0.1.3600
An improper input validation leading to arbitrary file creation was discovered in copy method of Nexacro platform.
network
low complexity
tobesoft CWE-20
7.5
7.5
2021-10-26 CVE-2021-26607 Improper Input Validation vulnerability in Tobesoft Nexacro
An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote attacker to execute arbitrary command on affected systems.
network
low complexity
tobesoft CWE-20
critical
 10.0
10