GHSA-8P25-3Q46-8Q2P ESPHome vulnerable to remote code execution via arbitrary file write
Summary Security misconfiguration in edit configuration file API in dashboard component of ESPHome version 2023.12.9 command line installation allows authenticated remote attackers to read and write arbitrary files under the configuration directory rendering remote code execution possible. Detail...