Mitigate command injection by prohibiting the setting of multiple NIC options at once
Reason for Closing:
Reason for Blocked:
Support Suite Ticket:
The network interface configuration of FreeNAS is vulnerable to command injection. Values entered as NIC options get executed in a shell context.
This finding has low severity because the same users are already having shell access.