Browse all 5 CVE security advisories affecting NesterSoft Inc.. AI-powered Chinese analysis, POCs, and references for each vulnerability.
NesterSoft Inc. develops network monitoring and system administration software, primarily focused on infrastructure management and remote control solutions. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the five CVEs attributed to the company highlight recurring issues in authentication mechanisms and secure coding practices. Their software typically requires elevated privileges, making exploitation potentially impactful if vulnerabilities are present. Security researchers have noted that patch adoption has sometimes been slow, leaving exposed systems vulnerable to known threats.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-15563 | Broken Access Control results in Denial of Service in NesterSoft WorkTime — WorkTime (on-prem/cloud)CWE-862 | 5.3AI | MediumAI | 2026-02-19 |
| CVE-2025-15562 | Reflected Cross-Site Scripting in NesterSoft WorkTime — WorkTime (on-prem/cloud)CWE-79 | 6.1AI | MediumAI | 2026-02-19 |
| CVE-2025-15561 | Local Privilege Escalation in NesterSoft WorkTime — WorkTime (on-prem/cloud)CWE-269 | 7.8AI | HighAI | 2026-02-19 |
| CVE-2025-15560 | SQL Injection in NesterSoft WorkTime — WorkTime (on-prem/cloud)CWE-89 | 6.5AI | MediumAI | 2026-02-19 |
| CVE-2025-15559 | Unauthenticated OS Command Injection in NesterSoft WorkTime — WorkTime (on-prem/cloud)CWE-78 | 9.8AI | CriticalAI | 2026-02-19 |
This page lists every published CVE security advisory associated with NesterSoft Inc.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.