Onlyoffice · Onlyoffice Docs · CVE-2022-48422
**Name of the Vulnerable Software and Affected Versions**
ONLYOFFICE Docs versions prior to 7.3
**Description**
The issue stems from an insecure search path in the ONLYOFFICE Docs online text document editor. Exploitation may allow an attacker to execute arbitrary code by substituting a legitimate DLL file with a malicious library. This can be achieved by placing a Trojan horse `libgcc_s.so.1` in the current working directory, which can be any directory where an ONLYOFFICE document is located.
**Recommendations**
For versions prior to 7.3, consider restricting access to the `libgcc_s.so.1` library to minimize the risk of exploitation until a patch is available.
As a temporary workaround, avoid using directories that may contain malicious files as the current working directory for ONLYOFFICE Docs.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
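
One way to check document directories against the workaround above, as an added example that is not part of the original advisory or ONLYOFFICE's own code: the script reports any `libgcc_s.so.1` sitting beside documents and any world-writable directory where one could be dropped. The function name `audit_document_dirs` and the directory arguments are assumptions; pass whichever directories hold the documents opened by the editor.

```shell
#!/bin/sh
# Added example (not ONLYOFFICE code): audit document directories for the
# untrusted-working-directory condition described in the advisory.
# Assumption: the directories given as arguments are where documents are opened.

LIB_NAME='libgcc_s.so.1'   # library name given in the advisory

# Prints "SUSPECT <path>" for each copy of the library found beside documents
# and "WRITABLE <dir>" for each world-writable directory, where any local user
# could drop one. Returns 1 if anything was reported, 0 otherwise.
audit_document_dirs() {
    found=0
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        # Regular files and symlinks both count: either is resolved by name.
        libs=$(find "$dir" -xdev \( -type f -o -type l \) -name "$LIB_NAME" 2>/dev/null) || true
        # -perm -0002 matches directories with the "other" write bit set.
        open=$(find "$dir" -xdev -type d -perm -0002 2>/dev/null) || true
        if [ -n "$libs" ]; then
            found=1
            printf '%s\n' "$libs" | sed 's/^/SUSPECT /'
        fi
        if [ -n "$open" ]; then
            found=1
            printf '%s\n' "$open" | sed 's/^/WRITABLE /'
        fi
    done
    return "$found"
}

# Run as: sh audit.sh /path/to/documents [...]
[ "$#" -eq 0 ] || audit_document_dirs "$@"
```

A non-zero exit status means at least one directory needs attention before it is used as a working directory for the editor.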