CVE-2021-28799 - QNAP NAS Improper Authorization Vulnerability

CVE-2021-28799: QNAP | Network Attached Storage (NAS)

Date Added:
2022-03-31

Due Date:
2022-04-21

Vulnerability Name: QNAP NAS Improper Authorization Vulnerability

Description: QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.

Known To Be Used in Ransomware Campaigns?: Known

Action: Apply updates per vendor instructions.

Additional Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-28799

Related News Articles: QNAP fixes NAS backup software zero-day exploited at Pwn2OwnOctober 30, 2024

Free security scan for your website

Don't show website scan report rating on the leaderboard