Vendor
The lego ACME client is vulnerable to arbitrary file write and deletion via path traversal, where a malicious ACME server can supply a crafted challenge token containing `../` sequences, causing lego to write attacker-influenced content to any path writable by the lego process, potentially leading to remote code execution, data destruction, or privilege escalation.