Asustek · Adm · CVE-2023-2909
**Name of the Vulnerable Software and Affected Versions**
ADM versions 4.0.6.REG2 through 4.1.0
ADM versions 4.2.1.RGE2 and below
**Description**
The EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files.
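The flaw class described above, shown from the fix side. This is an added example, not code from ADM or the vendor: a delete handler that resolves the requested path and refuses anything outside the share root. The function names, the `sync` directory layout and the use of Python are all assumptions made for illustration.

```python
import os
import tempfile

def naive_target(root, user_path):
    """Unsafe pattern: join and normalise, with no containment check."""
    return os.path.normpath(os.path.join(root, user_path))

def resolve_inside(root, user_path):
    """Return the real path of user_path under root, or raise ValueError."""
    root_real = os.path.realpath(root)
    # realpath collapses ".." and follows symlinks, so a link that points
    # out of the tree is caught as well as a literal "../" sequence.
    target = os.path.realpath(os.path.join(root_real, user_path))
    if target == root_real or os.path.commonpath([root_real, target]) != root_real:
        raise ValueError("path escapes sync root: %r" % user_path)
    return target

def safe_delete(root, user_path):
    """Delete a file only if it resolves to a location inside root."""
    target = resolve_inside(root, user_path)
    os.remove(target)
    return target

def demo():
    """Constructed layout: base/sync is the share, base/secret.txt is outside it."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        root = os.path.join(base, "sync")
        os.mkdir(root)
        outside = os.path.join(base, "secret.txt")
        inside = os.path.join(root, "note.txt")
        for p in (outside, inside):
            with open(p, "w") as f:
                f.write("x")
        os.symlink(outside, os.path.join(root, "link"))
        results["naive_escapes"] = naive_target(root, "../secret.txt") == os.path.normpath(outside)
        cases = {"dotdot": "../secret.txt", "nested": "a/../../secret.txt",
                 "absolute": outside, "symlink": "link", "empty": ""}
        for label, bad in cases.items():
            try:
                safe_delete(root, bad)
                results[label] = "deleted"
            except ValueError:
                results[label] = "rejected"
        safe_delete(root, "note.txt")
        results["inside_deleted"] = not os.path.exists(inside)
        results["outside_intact"] = os.path.exists(outside)
    return results
```

The check and the `os.remove` call are separate steps, so a service that lets other users modify the tree concurrently would also need to guard against the path changing in between.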
**Recommendations**
For ADM versions 4.0.6.REG2 through 4.1.0, consider restricting access to the EZ Sync service until a patch is available.
For ADM versions 4.2.1.RGE2 and below, consider restricting access to the EZ Sync service until a patch is available.
As a temporary workaround, consider disabling the EZ Sync service to minimize the risk of exploitation.