24 matches found
EUVD-2021-15465
Malware in sbrugna...
EUVD-2024-45184
Malicious code in bioql PyPI...
EUVD-2024-54243
Malicious code in bioql PyPI...
CVE-2024-53695
A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later...
CVE-2024-53695 HBS 3 Hybrid Backup Sync
A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later...
CVE-2024-53695 HBS 3 Hybrid Backup Sync
A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later...
CVE-2024-50388
An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to execute commands. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.1.673 and later...
CVE-2024-50388 HBS 3 Hybrid Backup Sync
An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to execute commands. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.1.673 and later...
CVE-2024-50388 HBS 3 Hybrid Backup Sync
An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to execute commands. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.1.673 and later...
CVE-2024-50388
CVE-2024-50388 is an OS command injection vulnerability affecting HBS 3 Hybrid Backup Sync. The vulnerability could allow remote code execution; affected versions include prior to 25.1.1.673, with fixes in 25.1.1.673 and later. Public disclosures in multiple feeds corroborate remote-command execu...
QNAP QTS / QuTS hero Improper Authorization Vulnerability in HBS 3 (QSA-21-13)
The version of QNAP QTS or QuTS hero on the remote host is affected by an improper authorization vulnerability when running HBS 3 Hybrid Backup Sync. If exploited, the vulnerability allows remote attackers to log in to a device. Note that Nessus has not tested for this issue but has instead relie...
QNAP NAS Improper Authorization Vulnerability
QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device...
QNAP Is Latest to Get Dinged by OpenSSL Bugs Fallout
On Monday, QNAP put out two security advisories about OpenSSL remote-code execution and denial-of-service DoS bugs, fixed last week, that affect its network-attached storage NAS devices. The vulnerabilities are tracked as CVE-2021-3711 – a high-severity buffer overflow related to SM2 decryption–...
eCh0raix Ransomware Variant Targets QNAP, Synology NAS Devices
Operators of the nearly-year-old eCh0raix ransomware strain that’s been used to target QNAP and Synology network-attached storage NAS devices in past, separate campaigns have, gotten more efficient. According to researchers, both have put out a new variant that can target either vendors’ devices ...
CVE-2021-28809
An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3. If exploited, this vulnerability allows attackers to compromise the security of the operating system.QNAP have already fixed this vulnerability in the following versions of HBS 3: QTS 4.3.6: HBS...
Improper access control
An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3. If exploited, this vulnerability allows attackers to compromise the security of the operating system.QNAP have already fixed this vulnerability in the following versions of HBS 3: QTS 4.3.6: HBS...
CVE-2021-28809
CVE-2021-28809 affects certain legacy QNAP HBS 3 components used in QTS 4.3.x releases. The root cause is improper access control in HBS 3, enabling unauthenticated access over network to compromise the operating system. ZDI indicates potential remote code execution via the RTSS server (default p...
CVE-2021-28799
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 Hybrid Backup Sync. If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to...
Authorization
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 Hybrid Backup Sync. If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to...
CVE-2021-28799 Improper Authorization Vulnerability in HBS 3 (Hybrid Backup Sync)
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 Hybrid Backup Sync. If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to...