XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request.