Axway · Axway Securetransport · CVE-2012-4991
**Name of the Vulnerable Software and Affected Versions**
Axway SecureTransport versions 5.1 SP2 and earlier
**Description**
The issue allows remote authenticated users to perform various unauthorized actions, including reading, deleting, or creating files, as well as listing directories. This is achieved by using a ..%5C (encoded dot dot backslash) in a URI, which enables directory traversal.
**Recommendations**
For Axway SecureTransport versions 5.1 SP2 and earlier, update to a version later than 5.1 SP2 to resolve the issue.