Vulnerabilities > Tobesoft > Nexacro > 17.1.3.301

DATE CVE VULNERABILITY TITLE RISK
2022-04-19 CVE-2021-26625 Insufficient Verification of Data Authenticity vulnerability in Tobesoft Nexacro 17.1.2.500/17.1.2.600/17.1.3.301
Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform.
network
low complexity
tobesoft CWE-345
8.8
2021-10-26 CVE-2021-26607 Improper Input Validation vulnerability in Tobesoft Nexacro
An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote attacker to execute arbitrary command on affected systems.
network
low complexity
tobesoft CWE-20
critical
9.8
2020-05-06 CVE-2019-19167 Unspecified vulnerability in Tobesoft Nexacro
Tobesoft Nexacro v2019.9.25.1 and earlier version have an arbitrary code execution vulnerability by using method supported by Nexacro14 ActiveX Control.
network
low complexity
tobesoft
critical
9.8