Security issue in Terramaster NAS products


New Member
Apr 5, 2021
I'm new here, and am mostly posting this to hopefully get the attention of STH so they can signal boost this to the audience. Terramaster NAS owners beware too!

I am a big fan of STH content, and recently purchased a Terramaster F2-210 NAS based on reviews STH published. It is a great product, however I discovered something rather unsettling about it security wise that STH may wish to mention in a video to protect others who haven't noticed. Essentially, the NAS is exposing itself to the world without permission, assuming it is running on a router that has uPnP enabled. This has a CVE now which can be viewed here NVD - CVE-2021-30127.

I've posted more details privately using the 'contact us' form that make this somewhat more scary.

You can read more about this here: Terramaster NAS exposing itself with UPNP as well as in the discussions I link in that blog post.
Last edited: