What the vulnerability does
01Description
improper input validation vulnerability in nexacro permits copying file to the startup folder using rename method.
CVE-2021-26613
HIGH
CVE-2021-26613: tobesoft nexacro arbitrary file creation vulnerability
CVSS base score
8.1/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Key dates
02Disclosure timeline
February 9, 2022
CVE published
August 3, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2020-5321
CVE-2026-3460 REST API TO MiniProgram <= 5.1.2 - Authenticated (Subscriber+) Insecure Direct Object Reference via 'userid' REST API Parameter
CVE-2024-47175 libppd's ppdCreatePPDFromIPP2 function does not sanitize IPP attributes when creating the PPD buffer
CVE-2023-25867 Adobe Substance 3D Stager PCX File Parsing Memory Corruption Remote Code Execution Vulnerability
CVE-2024-57960
