QNAP Signage Station: Publish and Be Damned (Part 2)
tl;dr Nettitude has discovered that the iArtist application is vulnerable to CWE-290 Authentication Bypass by Spoofing. This flaw can be leveraged to remove the need to supply valid credentials when uploading a presentation. [...]