Oscar

**Name of the Vulnerable Software and Affected Versions** ManageEngine AppManager15 version 15510 **Description** The issue allows an authenticated admin user to upload a DLL file, enabling a DLL hijack attack inside the 'working' folder through the 'Upload Files / Binaries' functionality. **Recommendations** For ManageEngine AppManager15 version 15510, consider disabling the 'Upload Files / Binaries' functionality as a temporary workaround until a patch is available. Restrict access to the 'working' folder to minimize the risk of exploitation. Avoid using the 'Upload Files / Binaries' functionality until the issue is resolved.