Arbitrary File Creation Vulnerability in Nexacro Platform's Copy Method
CVE-2021-26612 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
An improper input validation leading to arbitrary file creation was discovered in copy method of Nexacro platform. Remote attackers use copy method to execute arbitrary command after the file creation included malicious code.
Learn more about our Web Application Penetration Testing UK.