QNAP systems has released patches with the intent to address multiple vulnerabilities influencing its products. This includes a critical-severity bug potentially leading to unauthenticated device accessibility, allowing users to compromise systems security through a network. The released patches have solved the issue.
“NAS software is incredibly complex, and complexity brings with it the increased likelihood of vulnerabilities. It’s good to see that QNAP are being proactive about patching and alerting on these bugs. However, it is equally important that users of “easy to set-and-forget” products, such as NAS devices, be diligent about installing them. Or, even better, configuring automatic updates whenever possible.”