The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
The Remote host is vulnerable to a remote code execution vulnerability.
The remote host is vulnerable to a flaw which allows a remote attacker to control the system. The flaw, nicknamed Devil's Ivy stems from a buffer overflow in the gSoap component.
The vendor has released a patch to address this issue.