Early last week, researchers at 360Netlab received reports that QNAP NAS devices were being targeted by a new form of attack. QNAP is a Taiwanese manufacturer of hardware, including network-attached storage (NAS) devices.
Internet of Things (IoT) and NAS devices are usually hijacked using credential theft or brute-force attacks. In this wave, however, it is thought that the attacks exploited two vulnerabilities and used remote code execution (RCE). The vulnerabilities have been identified as CVE-2020-2507 and CVE-2020-2506. They were disclosed in October 2020, but devices running firmware from prior to August are still vulnerable to attack.