CVE-2018-14417
SoftNAS Cloud OS Command Injection (CVE-2018-14417) affects SoftNAS Cloud prior to 4.0.3. The vulnerability is in the web administration snserv endpoint: the check/update path does not sanitize the recentVersion parameter, allowing an unauthenticated attacker to execute arbitrary commands with ro...