Simple Object Access Protocol Command Injection

Remote command injection vulnerabilities exist in multiple SOAP requests. A remote attacker can exploit these weaknesses to execute arbitrary commands in the affected devices via a crafted request.

You can read the full article here.