Some QNAP network attached storage devices are vulnerable to attack because of two critical vulnerabilities, one that enables unauthenticated remote code execution and another that provides the ability to write to arbitrary files. The vulnerabilities were made known to the Taiwan-based company on October 12, 2020, and on November 29, 2020, by SAM Seamless Network, a connected home security firm.

Read full article on The Register