The vulnerability of the myupnpmediasvr process allows a hacker to write arbitrary files or execute arbitrary commands on QNAP’s operating systems and network storage devices.
The vulnerability of the myupnpmediasvr process, which operates as a DLNA server for QTS operating systems and QNAP network storage devices, is related to insufficient protection of service data during UPNP requests. Exploiting this vulnerability allows a malicious actor to write arbitrary files ...