Description
A Path Traversal vulnerability in LetsEncryptController in GrandNode allows an unauthenticated attacker to retrieve arbitrary files on the web server.
Remediation
Upgrade to the latest version of Grandnode
References
Related Vulnerabilities
Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-18836)
MySQL CVE-2022-21284 Vulnerability (CVE-2022-21284)
ColdFusion WDDX Deserialization RCE (CVE-2023-29300/CVE-2023-38203/CVE-2023-38204)
MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-36125)