Vulnerabilities > Tobesoft > Nexacro > 17.1.3.301

DATE CVE VULNERABILITY TITLE RISK
2022-04-19 CVE-2021-26625 Insufficient Verification of Data Authenticity vulnerability in Tobesoft Nexacro 17.1.2.500/17.1.2.600/17.1.3.301
Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform.
network
tobesoft CWE-345
6.8
6.8
2021-10-26 CVE-2021-26607 Improper Input Validation vulnerability in Tobesoft Nexacro
An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote attacker to execute arbitrary command on affected systems.
network
low complexity
tobesoft CWE-20
critical
 10.0
10