Knightliao · Disconf · CVE-2024-10620
**Name of the Vulnerable Software and Affected Versions**
knightliao Disconf version 2.6.36
**Description**
A critical vulnerability has been found in an unknown part of the `/api/config/list` endpoint of the Configuration Center component. It results in improper authentication, and the attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
**Recommendations**
For version 2.6.36, consider disabling access to the `/api/config/list` endpoint until a patch is available. Restrict access to the Configuration Center component to minimize the risk of exploitation. Avoid using this version until a fixed version is released. At the moment, there is no information about a newer version that contains a fix for this issue.
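To confirm that the access restriction recommended above is actually in effect, the following added example (not part of the original advisory and not Disconf code) audits web-server access logs for requests to `/api/config/list` that arrive from outside an allowlist. The common/combined log format, the `10.20.0.0/24` management network and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import posixpath
import re
from urllib.parse import unquote

ENDPOINT = "/api/config/list"
# Assumption: the only networks that should reach the Configuration Center.
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/24")]
# Common/combined access log: ip ident user [time] "METHOD target PROTO" status size
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def normalize(target):
    """Canonicalise a request target so encoded or padded spellings still match."""
    path = unquote(target.split("?", 1)[0].split("#", 1)[0])
    path = "/".join(seg.split(";", 1)[0] for seg in path.split("/"))  # drop ;params
    path = posixpath.normpath(re.sub(r"/+", "/", path))  # collapse //, ./, ../, trailing /
    return path.lower()  # case-folded on purpose: an audit should over-match

def is_allowed(ip):
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False  # unparsable client field: treat as untrusted
    return any(addr in net for net in ALLOWED_NETS)

def audit(lines):
    """Return requests for ENDPOINT that came from outside ALLOWED_NETS."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, method, target, status = m.groups()
        if normalize(target) == ENDPOINT and not is_allowed(ip):
            # served=True: the endpoint answered, so the restriction is not in effect
            findings.append({"ip": ip, "method": method, "target": target,
                             "status": int(status), "served": status.startswith("2")})
    return findings

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '10.20.0.15 - admin [05/Nov/2024:10:01:02 +0000] "GET /api/config/list HTTP/1.1" 200 812',
    '203.0.113.7 - - [05/Nov/2024:10:03:11 +0000] "GET /api/config/list?a=1 HTTP/1.1" 200 812',
    '198.51.100.23 - - [05/Nov/2024:10:04:40 +0000] "GET /api//config/%6cist/ HTTP/1.1" 403 153',
    '203.0.113.7 - - [05/Nov/2024:10:05:00 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```

A finding with `served` set to true means the endpoint still answered a client outside the allowlist; a finding with a 4xx status shows the block working while the endpoint is being requested from outside.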