The vulnerability stems from improper input validation in the handling of the 'snapshot_path' parameter within the API endpoint '/api/get-browser-snapshot'. By crafting a request with a manipulated 'snapshot_path' parameter, an attacker can read arbitrary files from the server's filesystem. This could lead to the disclosure of sensitive information, such as system configuration details, credentials stored in files, or any data that the server has access to. The impact is significant as it compromises the confidentiality and integrity of the server's data.

An attacker discovers the vulnerable endpoint and crafts a malicious HTTP GET request targeting the '/api/get-browser-snapshot' API. By setting the 'snapshot_path' parameter to the path of a sensitive file (e.g., '/etc/passwd'), the attacker can retrieve the contents of that file. This attack can be performed remotely and does not require authentication, making it particularly dangerous.

All users and administrators of the 'devika' web application by stitionai are affected by this vulnerability. Specifically, systems where the latest version of 'devika' is deployed without any mitigating controls in place are at risk. The vulnerability exposes sensitive files on the server to unauthorized access.