CVE-2022-48422

Name of the Vulnerable Software and Affected Versions ONLYOFFICE Docs versions prior to 7.3

Description The issue is related to the use of an insecure path search in the ONLYOFFICE Docs online text document editor. Exploitation of this issue may allow an attacker to execute arbitrary code by substituting a legitimate DLL file with a malicious library. This can be achieved by using a Trojan horse libgcc s.so.1 in the current working directory, which can be any directory where an ONLYOFFICE document is located.

Recommendations For versions prior to 7.3, consider restricting access to the libgcc s.so.1 library to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using directories that may contain malicious files as the current working directory for ONLYOFFICE Docs. At the moment, there is no information about a newer version that contains a fix for this vulnerability.