o tobesoft Co.,Ltd released security update to address improper input validation vulnerability in Nexacro platform.(development platform)
|improper input validation
||arbitrary file creation
o An improper input validation leading to arbitrary file creation was discovered in copy method of Nexacro platform.
o Remote attackers use copy method to execute arbitrary command after the file creation included malicious code.
□ Affected Product
o Update software over Nexacro 17 18.104.22.1680 version or higher.
o Thanks to Jeongun Baek for reporting this vulnerability.
□ 작성 : 침해사고분석단 취약점분석팀