Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

TOBESOFT — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting TOBESOFT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

TOBESOFT develops low-code/no-code application platforms enabling rapid custom software development. Historically, their products have faced multiple remote code execution vulnerabilities, often stemming from insecure deserialization and improper input validation, alongside cross-site scripting flaws and privilege escalation risks. The company has accumulated 16 CVEs, with several critical RCE issues allowing attackers to execute arbitrary code with system-level privileges. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities in serialization mechanisms and access controls suggests potential risks for organizations relying on their platforms without implementing additional security layers.

Top products by TOBESOFT: XPLATFORM Nexacro14 NEXACRO14/17 ExCommonApiV13 NEXACRO17 XPLATFORM ActiveX MiPlatform 320, 320U, 330, 330U XPLATFORM XPlatformLib922.dll
CVE IDTitleCVSSSeverityPublished
CVE-2021-26612 tobesoft Nexacro platform arbitrary file creation vulnerability — NEXACRO17CWE-20 8.1 High2021-11-30
CVE-2021-26607 TOBESOFT NEXACRO17 arbitrary command execution vulnerability — NEXACRO17CWE-20 8.1 High2021-10-26
CVE-2020-7874 NEXACRO14 Runtime arbitrary file download and execution vulnerability — NEXACRO14CWE-494 8.8 High2021-09-09
CVE-2020-7866 Tobesoft XPLATFORM Arbitrary Command Execution Vulnerability — XPLATFORMCWE-20 8.8 High2021-07-20
CVE-2020-7857 Tobesoft Xplatform 输入验证错误漏洞 — XPlatformCWE-470 7.5 High2021-04-20
CVE-2020-7853 TOBESOFT XPLATFORM Out-of-Bounds Read/Write Vulnerabilities — XplatformCWE-787 5.5 Medium2021-03-24
CVE-2020-7841 TOBESOFT XPLATFORM arbitrary hta file execution vulnerability — XPLATFORM XPlatformLib922.dllCWE-20 8.8 High2020-11-17
CVE-2020-7825 Tobesoft MiPlatform 操作系统命令注入漏洞 — MiPlatform 320, 320U, 330, 330UCWE-78 8.8 High2020-07-17
CVE-2020-7815 Tobesoft Xplatform 注入漏洞 — XPLATFORM 7.8 High2020-07-10
CVE-2020-7820 Tobesoft NEXACRO14/17 ExCommonApiV13 Arbitrary Code Execution Vulnerability — NEXACRO14/17 ExCommonApiV13CWE-20 7.8 High2020-07-02
CVE-2020-7821 Tobesoft NEXACRO14/17 ExCommonApiV13 Arbitrary Code Execution Vulnerability — NEXACRO14/17 ExCommonApiV13CWE-20 7.8 High2020-07-02
CVE-2019-19162 Tobesoft Xplatform 资源管理错误漏洞 — XPLATFORMCWE-416 7.8 High2020-05-11
CVE-2020-7806 Tobesoft Xplatform ActiveX File Download Vulnerability — XplatformCWE-494 7.8 High2020-05-06
CVE-2019-19167 Tobesoft Nexacro14 ActiveX File Download Vulnerability — Nexacro14CWE-494 7.8 High2020-05-06
CVE-2019-19166 Tobesoft XPlatform Arbitrary File Execution Vulnerability — XPlatformCWE-494 7.8 High2020-05-06
CVE-2018-5197 Tobesoft XPLATFORM ActiveX 安全漏洞 — XPLATFORM ActiveX 7.8 -2019-01-02

This page lists every published CVE security advisory associated with TOBESOFT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.