Got one of the QNAP Turbo NAS? If so, be sure to hit your NAS’s firmware update as QNAP has released Qfix 1.0.1 patch for its Turbo NAS to address GNU Bash Environment Variable Command Injection Vulnerability, aka “Shellshock”. As you may have awared that Shellshock affects Linux/UNIX based system that potentially allows attackers to gain remote control of the device. So be sure to update to the latest firmware either directly from QNAP’s website or via the firmware update of your NAS.
The fix applies to all of the QNAP Turbo NAS, not just the current models but also many of the older models. The models are not affected are TS-431, TS-231, TS-131, TS-201, TS-101, TS-100, and QG-103N.The company will relase a new patch later for the VioStor NVR and the NMP media player to fix Bash security issues.