Vulnerabilities > Tobesoft > Nexacro > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-19 | CVE-2021-26625 | Insufficient Verification of Data Authenticity vulnerability in Tobesoft Nexacro 17.1.2.500/17.1.2.600/17.1.3.301 Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. | 6.8 |
| 2022-02-09 | CVE-2021-26613 | Improper Input Validation vulnerability in Tobesoft Nexacro improper input validation vulnerability in nexacro permits copying file to the startup folder using rename method. | 5.0 |
| 2021-09-09 | CVE-2020-7874 | Download of Code Without Integrity Check vulnerability in Tobesoft Nexacro 14.0.0.0 Download of code without integrity check vulnerability in NEXACRO14 Runtime ActiveX control of tobesoft Co., Ltd allows the attacker to cause an arbitrary file download and execution. | 6.8 |