SINEC NMS is a new generation network management system (NMS) for digital enterprises. An arbitrary file upload vulnerability exists in Siemens SINEC NMS, which can be exploited by an attacker to upload a malicious firmware image or other file that could lead to remote code execution.