IBM Aspera Orchestrator 4.0.1 could allow a remote authenticated malicious user to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 260116.