CVE-2025-30057

Publication date

2025-08-27 10:23:38

Family

CERT-PL

State

PUBLISHED

Description

In UHCRTFDoc, the filename parameter can be exploited to execute arbitrary code via command injection into the system() call in the ConvertToPDF function.