mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.346
EPSS Ranking 98.2%