Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism.