2 matches found
CVE-2021-28809
CVE-2021-28809 affects certain legacy QNAP HBS 3 components used in QTS 4.3.x releases. The root cause is improper access control in HBS 3, enabling unauthenticated access over network to compromise the operating system. ZDI indicates potential remote code execution via the RTSS server (default p...
CVE-2021-28809 Missing Authentication for Critical Function in RTRR Server in HBS3
An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3. If exploited, this vulnerability allows attackers to compromise the security of the operating system.QNAP have already fixed this vulnerability in the following versions of HBS 3: QTS 4.3.6: HBS...