Name of the Vulnerable Software and Affected Versions LOTCMAN:PLM (affected versions not specified)

Description The issue is related to a module for creating, editing, and saving scheme types of typical and working business processes, defining business process properties, and creating lists of attached objects in the "ЛОЦМАН WorkFlow Дизайнер" system. It is associated with the unrestricted upload of dangerous file types. Exploitation of this issue could allow an attacker to execute arbitrary code by replacing dll libraries (such as RICHED20.DLL) in the "*ASCONLoodsmanWorkFlow" directory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.