Name of the Vulnerable Software and Affected Versions LOOTSMAN:PLM (affected versions not specified)

Description The issue is related to the automatic data synchronization module "ЛОЦМАН Планировщик синхронизации" of the LOOTSMAN:PLM system, which allows for unlimited upload of dangerous file types. Exploitation of this issue can enable an attacker to execute arbitrary code by replacing dll libraries (such as oleacc.dll) in the "*ASCONLoodsmanSync" directory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.