CVE-2021-26625

Name of the Vulnerable Software and Affected Versions Nexacro platform (affected versions not specified)

Description The issue is related to insufficient verification of input data, which can lead to arbitrary file download and execution. This is caused by an automatic update function that fails to properly validate input data, except for version information. As a result, remote attackers can exploit this incomplete validation logic to download and execute arbitrary malicious files.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.