Search criteria
5 vulnerabilities by NesterSoft Inc.
CVE-2025-15563 (GCVE-0-2025-15563)
Vulnerability from cvelistv5 – Published: 2026-02-19 11:01 – Updated: 2026-02-20 20:35
VLAI?
Title
Broken Access Control results in Denial of Service in NesterSoft WorkTime
Summary
Any unauthenticated user can reset the WorkTime on-prem database configuration by sending a specific HTTP request to the WorkTime server. No authorization check is applied here.
Severity ?
5.3 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NesterSoft Inc. | WorkTime (on-prem/cloud) |
Affected:
<= 11.8.8
|
Credits
Tobias Niemann, SEC Consult Vulnerability Lab
Daniel Hirschberger, SEC Consult Vulnerability Lab
Thorger Jansen, SEC Consult Vulnerability Lab
Marius Renner, SEC Consult Vulnerability Lab
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-15563",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-20T20:34:46.208230Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T20:35:11.872Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WorkTime (on-prem/cloud)",
"vendor": "NesterSoft Inc.",
"versions": [
{
"status": "affected",
"version": "\u003c= 11.8.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tobias Niemann, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Daniel Hirschberger, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Thorger Jansen, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Marius Renner, SEC Consult Vulnerability Lab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eAny unauthenticated user can reset the WorkTime on-prem database configuration by sending a specific HTTP request to the WorkTime server. No authorization check is applied here.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Any unauthenticated user can reset the WorkTime on-prem database configuration by sending a specific HTTP request to the WorkTime server. No authorization check is applied here."
}
],
"impacts": [
{
"capecId": "CAPEC-166",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-166 Force the System to Reset Values"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-19T11:01:56.524Z",
"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"shortName": "SEC-VLab"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://r.sec-consult.com/worktime"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vendor did not respond to our communication attempts anymore. It is currently as of February 2026 unclear, whether a patch is available. Please contact the vendor to request a patch for the identified critical security issues.\u003cbr\u003e"
}
],
"value": "The vendor did not respond to our communication attempts anymore. It is currently as of February 2026 unclear, whether a patch is available. Please contact the vendor to request a patch for the identified critical security issues."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broken Access Control results in Denial of Service in NesterSoft WorkTime",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"assignerShortName": "SEC-VLab",
"cveId": "CVE-2025-15563",
"datePublished": "2026-02-19T11:01:56.524Z",
"dateReserved": "2026-02-04T07:44:38.507Z",
"dateUpdated": "2026-02-20T20:35:11.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15562 (GCVE-0-2025-15562)
Vulnerability from cvelistv5 – Published: 2026-02-19 10:54 – Updated: 2026-02-20 20:34
VLAI?
Title
Reflected Cross-Site Scripting in NesterSoft WorkTime
Summary
The server API endpoint /report/internet/urls reflects received data into the HTML response without applying proper encoding or filtering. This allows an attacker to execute arbitrary JavaScript in the victim's browser if the victim opens a URL prepared by the attacker.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NesterSoft Inc. | WorkTime (on-prem/cloud) |
Affected:
<= 11.8.8
|
Credits
Tobias Niemann, SEC Consult Vulnerability Lab
Daniel Hirschberger, SEC Consult Vulnerability Lab
Thorger Jansen, SEC Consult Vulnerability Lab
Marius Renner, SEC Consult Vulnerability Lab
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-15562",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-20T20:33:44.840500Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T20:34:10.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WorkTime (on-prem/cloud)",
"vendor": "NesterSoft Inc.",
"versions": [
{
"status": "affected",
"version": "\u003c= 11.8.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tobias Niemann, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Daniel Hirschberger, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Thorger Jansen, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Marius Renner, SEC Consult Vulnerability Lab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe server API endpoint\u0026nbsp;\u003cspan style=\"background-color: rgba(255, 255, 255, 0.5);\"\u003e/report/internet/urls\u003c/span\u003e reflects received data into the HTML response without applying proper encoding or filtering. This allows an attacker to execute arbitrary JavaScript in the victim\u0027s browser if the victim opens a URL prepared by the attacker.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "The server API endpoint\u00a0/report/internet/urls reflects received data into the HTML response without applying proper encoding or filtering. This allows an attacker to execute arbitrary JavaScript in the victim\u0027s browser if the victim opens a URL prepared by the attacker."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-19T10:54:52.516Z",
"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"shortName": "SEC-VLab"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://r.sec-consult.com/worktime"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vendor did not respond to our communication attempts anymore. It is currently as of February 2026 unclear, whether a patch is available. Please contact the vendor to request a patch for the identified critical security issues.\u003cbr\u003e"
}
],
"value": "The vendor did not respond to our communication attempts anymore. It is currently as of February 2026 unclear, whether a patch is available. Please contact the vendor to request a patch for the identified critical security issues."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site Scripting in NesterSoft WorkTime",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"assignerShortName": "SEC-VLab",
"cveId": "CVE-2025-15562",
"datePublished": "2026-02-19T10:54:52.516Z",
"dateReserved": "2026-02-04T07:44:36.442Z",
"dateUpdated": "2026-02-20T20:34:10.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15561 (GCVE-0-2025-15561)
Vulnerability from cvelistv5 – Published: 2026-02-19 10:53 – Updated: 2026-02-19 10:53
VLAI?
Title
Local Privilege Escalation in NesterSoft WorkTime
Summary
An attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges on the local system to NT Authority\SYSTEM. A malicious executable must be named WTWatch.exe and dropped in the C:\ProgramData\wta\ClientExe directory, which is writable by "Everyone". The executable will then be run by the WorkTime monitoring daemon.
Severity ?
No CVSS data available.
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NesterSoft Inc. | WorkTime (on-prem/cloud) |
Affected:
<= 11.8.8
|
Credits
Tobias Niemann, SEC Consult Vulnerability Lab
Daniel Hirschberger, SEC Consult Vulnerability Lab
Thorger Jansen, SEC Consult Vulnerability Lab
Marius Renner, SEC Consult Vulnerability Lab
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WorkTime (on-prem/cloud)",
"vendor": "NesterSoft Inc.",
"versions": [
{
"status": "affected",
"version": "\u003c= 11.8.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tobias Niemann, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Daniel Hirschberger, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Thorger Jansen, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Marius Renner, SEC Consult Vulnerability Lab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges on the local system to NT Authority\\SYSTEM. A malicious executable must be named\u0026nbsp; WTWatch.exe and dropped in the C:\\ProgramData\\wta\\ClientExe directory, which is writable by \"Everyone\". The executable will then be run by the WorkTime monitoring daemon.\u003cbr\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "An attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges on the local system to NT Authority\\SYSTEM. A malicious executable must be named\u00a0 WTWatch.exe and dropped in the C:\\ProgramData\\wta\\ClientExe directory, which is writable by \"Everyone\". The executable will then be run by the WorkTime monitoring daemon."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-19T10:53:18.501Z",
"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"shortName": "SEC-VLab"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://r.sec-consult.com/worktime"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vendor did not respond to our communication attempts anymore. It is currently as of February 2026 unclear, whether a patch is available. Please contact the vendor to request a patch for the identified critical security issues.\u003cbr\u003e"
}
],
"value": "The vendor did not respond to our communication attempts anymore. It is currently as of February 2026 unclear, whether a patch is available. Please contact the vendor to request a patch for the identified critical security issues."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Local Privilege Escalation in NesterSoft WorkTime",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"assignerShortName": "SEC-VLab",
"cveId": "CVE-2025-15561",
"datePublished": "2026-02-19T10:53:18.501Z",
"dateReserved": "2026-02-04T07:44:34.747Z",
"dateUpdated": "2026-02-19T10:53:18.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15560 (GCVE-0-2025-15560)
Vulnerability from cvelistv5 – Published: 2026-02-19 10:48 – Updated: 2026-02-19 10:48
VLAI?
Title
SQL Injection in NesterSoft WorkTime
Summary
An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can execute arbitrary SQL statements on the database backend and gain access to sensitive data.
Severity ?
No CVSS data available.
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NesterSoft Inc. | WorkTime (on-prem/cloud) |
Affected:
<= 11.8.8
|
Credits
Tobias Niemann, SEC Consult Vulnerability Lab
Daniel Hirschberger, SEC Consult Vulnerability Lab
Thorger Jansen, SEC Consult Vulnerability Lab
Marius Renner, SEC Consult Vulnerability Lab
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WorkTime (on-prem/cloud)",
"vendor": "NesterSoft Inc.",
"versions": [
{
"status": "affected",
"version": "\u003c= 11.8.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tobias Niemann, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Daniel Hirschberger, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Thorger Jansen, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Marius Renner, SEC Consult Vulnerability Lab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server \"widget\" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can execute arbitrary SQL statements on the database backend and gain access to sensitive data.\u003cbr\u003e"
}
],
"value": "An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server \"widget\" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can execute arbitrary SQL statements on the database backend and gain access to sensitive data."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-19T10:48:43.486Z",
"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"shortName": "SEC-VLab"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://r.sec-consult.com/worktime"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vendor did not respond to our communication attempts anymore. It is currently as of February 2026 unclear, whether a patch is available. Please contact the vendor to request a patch for the identified critical security issues.\u003cbr\u003e"
}
],
"value": "The vendor did not respond to our communication attempts anymore. It is currently as of February 2026 unclear, whether a patch is available. Please contact the vendor to request a patch for the identified critical security issues."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "SQL Injection in NesterSoft WorkTime",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"assignerShortName": "SEC-VLab",
"cveId": "CVE-2025-15560",
"datePublished": "2026-02-19T10:48:43.486Z",
"dateReserved": "2026-02-04T07:44:30.139Z",
"dateUpdated": "2026-02-19T10:48:43.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15559 (GCVE-0-2025-15559)
Vulnerability from cvelistv5 – Published: 2026-02-19 10:45 – Updated: 2026-02-19 10:45
VLAI?
Title
Unauthenticated OS Command Injection in NesterSoft WorkTime
Summary
An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on the WorkTime server as NT Authority\SYSTEM with the highest privileges. Attackers are able to access or manipulate sensitive data and take over the whole server.
Severity ?
No CVSS data available.
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NesterSoft Inc. | WorkTime (on-prem/cloud) |
Affected:
<= 11.8.8
|
Credits
Tobias Niemann, SEC Consult Vulnerability Lab
Daniel Hirschberger, SEC Consult Vulnerability Lab
Thorger Jansen, SEC Consult Vulnerability Lab
Marius Renner, SEC Consult Vulnerability Lab
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WorkTime (on-prem/cloud)",
"vendor": "NesterSoft Inc.",
"versions": [
{
"status": "affected",
"version": "\u003c= 11.8.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tobias Niemann, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Daniel Hirschberger, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Thorger Jansen, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Marius Renner, SEC Consult Vulnerability Lab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the \u201cguid\u201d parameter.\u0026nbsp;\u003c/span\u003eThis allows an attacker to execute arbitrary commands on the WorkTime server as NT Authority\\SYSTEM with the highest privileges. Attackers are able to access or manipulate sensitive data and take over the whole server.\u003cbr\u003e"
}
],
"value": "An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the \u201cguid\u201d parameter.\u00a0This allows an attacker to execute arbitrary commands on the WorkTime server as NT Authority\\SYSTEM with the highest privileges. Attackers are able to access or manipulate sensitive data and take over the whole server."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-19T10:45:34.943Z",
"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"shortName": "SEC-VLab"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://r.sec-consult.com/worktime"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vendor did not respond to our communication attempts anymore. It is currently as of February 2026 unclear, whether a patch is available. Please contact the vendor to request a patch for the identified critical security issues.\u003cbr\u003e"
}
],
"value": "The vendor did not respond to our communication attempts anymore. It is currently as of February 2026 unclear, whether a patch is available. Please contact the vendor to request a patch for the identified critical security issues."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unauthenticated OS Command Injection in NesterSoft WorkTime",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"assignerShortName": "SEC-VLab",
"cveId": "CVE-2025-15559",
"datePublished": "2026-02-19T10:45:34.943Z",
"dateReserved": "2026-02-04T07:44:28.922Z",
"dateUpdated": "2026-02-19T10:45:34.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}