Synology NAS Devices Can Be Remotely Taken Over Through Critical Vulnerabilities


NAS devices from manufacturer Synology can be remotely taken over via three critical vulnerabilities. Exploiting them is simple and requires no user interaction. Synology has released updates that fix the issues. All three vulnerabilities have been given the maximum severity score of 10.0 out of 10.

By sending a specially crafted packet, an attacker can execute arbitrary commands on the NAS. The problem affects three models: DS3622xs+, FS3410 and HD6500. The vulnerabilities (CVE-2022-27624, CVE-2022-27625 and CVE-2022-27626), discovered by Synology itself, have been fixed in DiskStation Manager (DSM) version 7.1.1-42962-2 and later.
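The practical question for an administrator is which units in an inventory are one of the three models named above and still run a DSM build older than 7.1.1-42962-2. The following Python is an added example, not code from the article or from Synology: it parses DSM version strings of the form `major.minor.micro-build-update` (the `-update` suffix is the "Update N" hotfix number and is absent when none is installed; treating inventory data as using this dashed form is an assumption) and, conservatively, flags any earlier version on an affected model as unpatched. The hostnames and versions in the sample inventory are constructed for illustration.

```python
import re
from typing import List, NamedTuple, Tuple

# Models named in the advisory text above.
AFFECTED_MODELS = {"DS3622xs+", "FS3410", "HD6500"}

# First fixed DSM build named above: 7.1.1-42962 with Update 2.
FIXED_VERSION = "7.1.1-42962-2"

# Assumption: inventory records versions as "7.1.1-42962-2" (dashed form),
# not the DSM web UI wording "7.1.1-42962 Update 2".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-(\d+)(?:-(\d+))?$")


class DsmVersion(NamedTuple):
    major: int
    minor: int
    micro: int
    build: int
    update: int  # hotfix ("Update N") number, 0 when none is installed


def parse_dsm_version(text: str) -> DsmVersion:
    """Parse "7.1.1-42962-2" into a tuple that compares in release order."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised DSM version string: {text!r}")
    major, minor, micro, build, update = m.groups()
    return DsmVersion(int(major), int(minor), int(micro), int(build), int(update or 0))


def is_unpatched(model: str, version: str) -> bool:
    """True when the model is one named in the advisory and its DSM predates the fix."""
    if model not in AFFECTED_MODELS:
        return False
    return parse_dsm_version(version) < parse_dsm_version(FIXED_VERSION)


def find_unpatched(inventory: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str]]:
    """Return the (hostname, model, version) entries that still need the update."""
    return [(host, model, ver) for host, model, ver in inventory if is_unpatched(model, ver)]


# Constructed sample inventory: hostnames and versions are made up for illustration.
SAMPLE_INVENTORY = [
    ("nas-01", "DS3622xs+", "7.1.1-42962"),    # 7.1.1 without Update 2: needs patch
    ("nas-02", "FS3410",    "7.1.1-42962-1"),  # only Update 1: needs patch
    ("nas-03", "HD6500",    "7.1.1-42962-2"),  # exactly the fixed build: ok
    ("nas-04", "DS3622xs+", "7.1.1-42962-4"),  # later hotfix: ok
    ("nas-05", "DS920+",    "7.1.0-42661"),    # model not in the advisory: not flagged
]

if __name__ == "__main__":
    for host, model, ver in find_unpatched(SAMPLE_INVENTORY):
        print(f"{host}: {model} on DSM {ver} needs {FIXED_VERSION} or later")
```

Comparing the parsed tuples rather than the raw strings matters because a plain string comparison would rank "7.1.1-42962-10" below "7.1.1-42962-2"; the parser also rejects strings it cannot interpret instead of silently treating them as patched.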

Over the past year in particular, QNAP NAS devices have regularly been hit by ransomware attacks. Last August, however, a ransomware strain was also discovered that infects Synology systems.