Taiwan-based network-attached storage (NAS) maker QNAP has released security patches for multiple vulnerabilities that could allow attackers to inject and execute malicious code and commands remotely on vulnerable NAS devices. The company also addressed a command injection bug (CVE-2021-34352) affecting some QNap end-of-life (EOL) devices running the QVR IP video surveillance software that helps attackers run arbitrary commands. Customers should immediately update both apps to the latest available releases as soon as possible.”]