Supervisor · Supervisor · CVE-2019-12105
**Name of the Vulnerable Software and Affected Versions**
Supervisor versions 4.0.2 and earlier
**Description**
The issue is in the inet HTTP server component: when the component is enabled and no password is set, an unauthenticated user can read log files or restart a service. The maintainer has added an additional warning to the documentation but will not remove the ability to run an open server. This could potentially allow a remote attacker to access confidential data or cause a denial of service.
**Recommendations**
For Supervisor versions 4.0.2 and earlier, consider disabling the inet HTTP server component or setting a password to prevent unauthorized access. As a temporary workaround, restrict access to the Supervisor logs and services to minimize the risk of exploitation. Ensure that the inet HTTP server component is properly configured and secured to prevent potential attacks.
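
One way to check a configuration for the condition described above is to audit the `[inet_http_server]` section of `supervisord.conf`. This is an added example, not code from the advisory or the Supervisor project; the sample configurations, the finding codes, the function name and the `SUPERVISOR_HTTP_PASS` variable are constructed for illustration.

```python
import configparser

# Constructed sample configurations (not taken from the advisory).
OPEN_CONF = """
[supervisord]
logfile = /var/log/supervisord.log

[inet_http_server]
port = *:9001          ; no username/password: open server
"""

HARDENED_CONF = """
[inet_http_server]
port = 127.0.0.1:9001
username = ops
password = %(ENV_SUPERVISOR_HTTP_PASS)s
"""

LOOPBACK = {"127.0.0.1", "localhost", "::1"}


def audit_inet_http_server(conf_text):
    """Return finding codes for the [inet_http_server] section of a config."""
    # RawConfigParser leaves %(ENV_...)s expansions untouched.
    cp = configparser.RawConfigParser(inline_comment_prefixes=(";",), strict=False)
    cp.read_string(conf_text)
    if not cp.has_section("inet_http_server"):
        return []  # component not enabled, nothing to flag
    sec = cp["inet_http_server"]
    findings = []
    # The advisory's condition: server enabled and no password set.
    if not sec.get("username", "").strip() or not sec.get("password", "").strip():
        findings.append("NO_AUTH")
    # Host part of "host:port"; a bare port or "*" is treated as all interfaces.
    host = sec.get("port", "").strip().rpartition(":")[0]
    if host not in LOOPBACK:
        findings.append("NON_LOOPBACK_BIND")
    return findings


if __name__ == "__main__":
    for name, text in (("open", OPEN_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit_inet_http_server(text) or "ok")
```

A config with no `[inet_http_server]` section returns no findings, which corresponds to the "disable the component" recommendation.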