QNAP and Synology say flaws in the Netatalk fileserver allow remote code execution and information disclosure.