I’m a Synology NAS user, as are a lot of people running their home labs. There’s been a reported remote execution exploit announced by Synology. While a lot of people resonate with the idea of replacing cloud-based services with a system that they own, opening the system up to the internet is inherently risky. it might be a good time to reconsider opening your home lab to the outside world, without a VPN.

Better to set up a VPN server at your house and lock down your inbound ports. That way, you can securely access your home lab assets from the internet without exposing new security exploits to the world.

The update should be hitting your NAS in the next few days.

https://www.synology.com/en-global/security/advisory/Synology_SA_22_03