QNAP Symlink Remote Code Execution
The QNAP operating system suffers from a symlinking vulnerability. It is possible to upload a symlink trough a ZIP file and abuse the encrypt/decrypt function to gain an arbitrary file write primitive which can be turned into remote code execution. An attacker with privileges of a regular user ca...