Tal0N

**Name of the Vulnerable Software and Affected Versions** Music daemon (musicd) versions 0.0.3 and earlier **Description** The issue allows remote attackers to read arbitrary files. This is achieved by calling LOAD with a full pathname, then calling SHOWLIST. **Recommendations** For Music daemon (musicd) versions 0.0.3 and earlier, consider restricting access to the LOAD and SHOWLIST functions until a patch is available. As a temporary workaround, avoid using the LOAD function with full pathnames to minimize the risk of exploitation.