UniFi Video Server web interface Configuration Restore path traversal leading to local system compromise
Critical
Ubiquiti Inc.
Team Summary
Official summary from Ubiquiti Inc.
In UniFi Video Controller 3.9.3 and prior, a user with administrator privileges can restore the configuration using a specially crafted zip file. Due to the lack of validation for path traversal, the user can upload arbitrary files to arbitrary locations.
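The missing validation described in the summary, sketched as an added example (not code from Ubiquiti or from the report): every archive entry is resolved against the restore directory and the whole backup is rejected if any entry would land outside it. The function names, the entry names such as `system.cfg`, and the sample archives are constructed for illustration and do not reflect the product's real backup layout.

```python
import io
import os
import tempfile
import zipfile


def escaping_entries(zip_bytes, dest_dir):
    """Return names of archive entries that would be written outside dest_dir."""
    root = os.path.realpath(dest_dir)
    bad = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            # Treat backslashes as separators so Windows-style names are caught too.
            name = info.filename.replace("\\", "/")
            # An absolute name makes join() discard root; ".." is collapsed by realpath().
            target = os.path.realpath(os.path.join(root, name))
            if os.path.commonpath([root, target]) != root:
                bad.append(info.filename)
    return bad


def restore_config(zip_bytes, dest_dir):
    """Extract a backup only if every entry stays under dest_dir."""
    bad = escaping_entries(zip_bytes, dest_dir)
    if bad:
        raise ValueError(f"rejected backup, entries escape restore dir: {bad}")
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        zf.extractall(dest_dir)
    return sorted(os.listdir(dest_dir))


def build_zip(entries):
    """Build an in-memory zip from {name: bytes} (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed samples: a well-formed backup and one with traversal entries.
GOOD = build_zip({"system.cfg": b"k=v\n", "db/cameras.json": b"{}"})
BAD = build_zip({"system.cfg": b"k=v\n", "../../outside.txt": b"x", "/abs/path.txt": b"x"})

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        print(restore_config(GOOD, d))
        print(escaping_entries(BAD, d))
```

Rejecting the whole archive, rather than skipping the offending entries, keeps a partially restored configuration from being applied.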
Reported by
ajxchapman
Report Details
Additional information and metadata
State: Closed
Substate: Resolved
Weakness: Path Traversal