← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-28799 — Actively Exploited: Network Attached Storage (NAS) (QNAP)

QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.

CVE IDCVE-2021-28799
VendorQNAP
ProductNetwork Attached Storage (NAS)
Vulnerability nameQNAP NAS Improper Authorization Vulnerability
Date added2022-03-31
Remediation due2022-04-21
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionQNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →