Incorrect access control in mihomo v1.19.11 allows authenticated attackers with low-level privileges to read arbitrary files with elevated privileges via obtaining the external control key from the config file.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| metacubex | mihomo | 1.9.11 |