An issue exists in Italtel Embrace 1.6.4. The web server fails to sanitize input data, allowing remote unauthenticated malicious users to read arbitrary files on the filesystem.