QNAP has addressed two critical security vulnerabilities in the Helpdesk app that can potential allow threat actors to take over vulnerable network-attached storage (NAS) devices. The Taiwanese vendor confirmed that if exploited, the two improper access control vulnerabilities could allow attackers to obtain control of a QNap device. The company also urged its users to update the Malware Remover app to prevent NAS devices from being infected by the QSnatch malware. Experts warn that encrypted files cant be recovered without paying the ransom to the ransomware operators.”]
Source: https://securityaffairs.co/wordpress/109232/security/qnap-fixes-2-flaws.html