Hackers are scanning for vulnerable network-attached storage (NAS) devices trying to exploit a remote code execution (RCE) vulnerability. Unknown threat actors are currently exploiting a remote command execution vulnerability due to a command injection weakness in QNAP NAS devices’ firmware. The vulnerability allows unauthenticated, remote attackers to achieve authentication using the authLogout.cgi executable because it fails to sanitize input doesn’t filter out special characters and calls the system function to run the command string.
Source: https://www.bleepingcomputer.com/news/security/hackers-are-backdooring-qnap-nas-devices-with-3-year-old-rce-bug/