2025-05-07 00:00:00
mitre
PUBLISHED
Personal Weather Station Dashboard 12_lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/_test.php, as demonstrated by reading the servers private SSL key in cleartext.