CVE-2018-18778
ACME mini_httpd before 1.30 is vulnerable to local file inclusion (LFI) via HTTP handling, enabling a remote attacker to read arbitrary files on the server. The issue is described as improper handling of HTTP GET requests with empty headers, facilitating file read access. Affected software: ACME ...