Arcserve UDP < 5.0 Update 4 Directory Traversal
The Arcserve Unified Data Protection UDP application running on the remote host is affected by a directory traversal vulnerability. An unauthenticated, remote attacker can exploit this, via a crafted file path to the 1 reportFileServlet or 2 exportServlet servlet, to obtain sensitive information ...