I came across an article in the internet showing how to gain root access throw injecting a code into EasyNAS GUI.
I tried it myself and unfortunately the article is correct.
With that fact I did many changes in the code to fix this and other security issues.
I’ve added sanitation to the input coming from the GUI . and removed some of the OS calles I did from the CGI. This fixed the vulnerability and many others that could be exploited.
anyone that is using EasyNAS version earlier than 0.5.6 must upgrade immediately.