CVE-2017-2185by Jeremyin Security Bulletinson Posted on July 7, 2017 HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI.