All users need to upgrade their FreeNAS to the latest stable (0.7.2.5543).
If you can’t upgrade: Restrict WebGUI acces from trusted IP addresses.
Thanks to Brian Adeloye from Tenable Network Security for reporting this vulnerability.