CVE-2021-28799 | Cybersecurity Alerts | Nexus IT Services, LLC

← Back to Cybersecurity Alerts

CVE-2021-28799

QNAP | Network Attached Storage (NAS)Added 2022-03-31Remediation Deadline 2022-04-21Active Ransomware Campaign

QNAP NAS Improper Authorization Vulnerability

QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-285

References

https://nvd.nist.gov/vuln/detail/CVE-2021-28799