Directory Traversal in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information via csvServer.php?file= with a .. in the dir parameter.
https://www.automatic-systems.com/range/
https://github.com/CQURE/CVEs/blob/main/CVE-2023-37607/README.md