Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ACME-challenge endpoint in Appwrite 0.5.0 through 0.12.x before 0.12.2 allows remote attackers to read arbitrary local files via ../ directory traversal. In order to be vulnerable, APP_STORAGE_CERTIFICATES/.well-known/acme-challenge must exist on disk. (This pathname is automatically created if the user chooses to install Let's Encrypt certificates via Appwrite.)
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Appwrite 安全漏洞
Vulnerability Description
Appwrite是Appwrite开源的一个端到端的后端服务器。用于打包为一组 Docker 微服务的 Web、移动、本机或后端应用程序。 Appwrite 0.5.0 到 0.12.2 版本存在安全漏洞,该漏洞源于ACME-challenge 端点允许远程攻击者读取任意本地文件。
CVSS Information
N/A
Vulnerability Type
N/A