The host is installed with Node.js 20.0.x before 20.5.1 and is prone to a path traversal vulnerability. A flaw is present in the application which fails to properly handle the buffers in file system APIs used in the experimental permission model. Successful exploitation allows attackers to cause a traversal path to bypass when verifying file permissions.