CVE-2021-28799 - QNAP NAS Improper Authorization Vulnerability
Project:QNAP
Product:Network Attached Storage (NAS)
Date Added:2022-03-31Due Date:2022-04-21
Vulnerability Name
QNAP NAS Improper Authorization Vulnerability
Description
QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-28799
Related News Articles
QNAP fixes NAS backup software zero-day exploited at Pwn2OwnOctober 30, 2024