QNAP TS-453E malware_remover Code Injection Remote Code Execution Vulnerability

A critical unauthenticated remote code execution vulnerability (CVE-2025-11837) has been identified in QNAP TS-453E NAS devices, allowing network-adjacent attackers to execute arbitrary code without requiring credentials. This poses a severe risk as attackers can gain full control of affected devices to steal data, deploy malware, or pivot into connected networks. Security teams should immediately prioritize patching these devices, restrict network access to them, and monitor for signs of exploitation or unauthorized access.