An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote malicious user to execute arbitrary command on affected systems.
tobesoft nexacro