Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a directory traversal vulnerability that could allow an unauthenticated user to directly access any file outside the webroot.
https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-03