Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Path Validation Enables Path Traversal in Controller.php
Vulnerability Description
Atheos is a self-hosted browser-based cloud IDE. Prior to v602, similar to GHSA-rgjm-6p59-537v/CVE-2025-22152, the `$target` parameter in `/controller.php` was not properly validated, which could allow an attacker to execute arbitrary files on the server via path traversal. v602 contains a fix for the issue.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Atheos 安全漏洞
Vulnerability Description
Atheos是Atheos开源的一个基于浏览器的自托管云IDE。 Atheos v602之前版本存在安全漏洞,该漏洞源于/controller.php中的$target参数未正确验证,可能导致通过路径遍历执行任意文件。
CVSS Information
N/A
Vulnerability Type
N/A