CVE-2021-26612

Summary

An improper input validation leading to arbitrary file creation was discovered in copy method of Nexacro platform. Remote attackers use copy method to execute arbitrary command after the file creation included malicious code.

Affected Software

VendorProductVersion RangeStatus
TOBESOFTNEXACRO1717.1.2.500 <= 17.1.2.500affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References