The host is installed with Node.js 20.0.x before 20.5.1 and is prone to a path traversal vulnerability. A flaw is present in the application which fails to properly handle issues in the experimental permission model. Successful exploitation allows attackers to cause a traversal path to bypass when using the deprecated API process.binding().