Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information via access to device/VM restore mount points, because they do not have ACLs by default.
http://www.information-paradox.net/2015/02/cve-2015-2081-multiple-vulnerabilities.html