Security researchers exploited multiple Synology and QNAP devices (NAS, IP cameras, even routers), gaining root access.

In one case, QNAP still had a hard coded password, after all security incidents in previous years. One of the bugs was known to synology and had not been patched.

Ah Synology's DSM, packaged with things that are outdated or EOL. Docker being one of them, EOL by about a year.