XML parsing hole allows unauthorized web interface access.
vulners.com/securityvulns/securityvulns:doc:3771