NAS vulnerabilities ( www.theregister.com )
Just stumbled across this (overly dramatic?) article and thought I'd just post it here...
It's more to act as a reminder that if you've got a NAS that is serving content to the interwebs, then make sure it's behind a proxy of some kind to prevent weaknesses (ie in the management Web UI) being exposed.
Obvz, this article is pointing to Zyxel, but it could be your DIY home-built NAS with Cockpit: CVE-2024-2947 - just an example, not bashing that project at all.
I've used Squid and HAProxy over the years (mostly on my pfSense box) - but I'd be interested to know if there's other options that I've not heard of
![](https://mbin.grits.dev/media/cache/resolve/entry_thumb/bc/ba/bcba3d3f3d3fe1c5aa80c43dccdb7deab02c31687fbe5c70775281c9a8fb57e8.jpg)