An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions prior to 3.0.2) control.Referenceshttps://www.us-cert.gov/ics/advisories/icsa-20-098-01
