Key Information Summary Vulnerability Type Arbitrary File Read Vulnerability Vulnerability Description The system does not perform any interception on user requests, allowing attackers to read the content of arbitrary files by manipulating specific parameters. Vulnerability Code Location — method. method calls the above method and passes the file path via the parameter. Exploitation Method By crafting a specific parameter value, attackers can read the content of any file on the server. Example: - URL: Example Request and Response Request Example: Response Example: Impact Attackers can exploit this vulnerability to read any file on the server, including sensitive configuration files and log files, thereby obtaining confidential system information.