Any network file system server (NAS device) provided with two network interfaces should work. It would be unusual to configure such a system to act as a router, so the default config should match your requirements. Then you simply configure the access rights on the server to match the requirements.
As TriPolar says, a router that brides two networks could be configured to only pass traffic that is destined to a specific service on a specific machine, and thus a server could be placed on one network and made visible on the other via the restricted router settings.
If you assume that the network that has read only rights is the insecure side, and the write capable side is more secure, both solutions have pretty much equal merit. If you want a more symmetric solution the first one is probably more useful. But there is devil in the exact details.