The host is installed with Axigen Free Mail Server and is prone to multiple directory traversal vulnerabilities. The flaws are present in the application, which fails to handle the View Log Files component. Successful exploitation allows attackers to read or delete arbitrary files via a .. (dot dot) in the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in an edit action or a delete action to the default URI.