QuoteWA is very old, so it might have some vulnerable computer exploitation?
Yes, we fixed a few of these. That's also how Silkworm worked, it exploited buffer overflows. We also added some security strengthening like ASLR I think.
However, the connection method (TCP/IP) isn't important. Normal hosting is also a direct connection.
Using WormNAT2 or HostingBuddy gives you a bit more safety because they decode the packets, so a malformed packet will cause the connection to be dropped. They only decode frontend packets though. They also act as a proxy, so your IP is not exposed.