ISE Labs has conducted a research project where we have been looking into the security of embedded devices. This blog post covers some of the vulnerabilities we identified in the Lenovo ix4300d, an enterprise Network Attached Storage device (NAS) In this post, we will cover how we identified vulnerabilities and created a workflow that grants attackers the ability to remotely exploit this device. First, we figure out a way to get a shell on the device, then hunt down the individual pieces we will need to make it remotely exploitable.”]
Source: https://blog.securityevaluators.com/collecting-shells-by-the-sea-of-nas-vulnerabilities-155a0bd7c525

