This vulnerability is caused by the installer for the application using a hardcoded value for the validation and decryption key (sometimes known as the machine keys). These values are the same for all instances created by the vulnerable installer, and so an attacker can find these keys for your instance very easily.
If an attacker possesses these keys, they can execute code of their choice on the server remotely using well-known methods.
Updating to the latest version will cause the keys to be regenerated to secret values.