I'm new here, and am mostly posting this to hopefully get the attention of STH so they can signal boost this to the audience. Terramaster NAS owners beware too!
I am a big fan of STH content, and recently purchased a Terramaster F2-210 NAS based on reviews STH published. It is a great product, however I discovered something rather unsettling about it security wise that STH may wish to mention in a video to protect others who haven't noticed. Essentially, the NAS is exposing itself to the world without permission, assuming it is running on a router that has uPnP enabled. This has a CVE now which can be viewed here NVD - CVE-2021-30127.
I've posted more details privately using the 'contact us' form that make this somewhat more scary.
You can read more about this here: Terramaster NAS exposing itself with UPNP as well as in the discussions I link in that blog post.
I am a big fan of STH content, and recently purchased a Terramaster F2-210 NAS based on reviews STH published. It is a great product, however I discovered something rather unsettling about it security wise that STH may wish to mention in a video to protect others who haven't noticed. Essentially, the NAS is exposing itself to the world without permission, assuming it is running on a router that has uPnP enabled. This has a CVE now which can be viewed here NVD - CVE-2021-30127.
I've posted more details privately using the 'contact us' form that make this somewhat more scary.
You can read more about this here: Terramaster NAS exposing itself with UPNP as well as in the discussions I link in that blog post.
Last edited: