Skip to content

CVE-2021-28799

is CVE-2021-28799real, exploitable, or a false positive? Here's the community ground truth.

☆ Watch
Critical · CVSS 10EPSS 78.4%CISA KEVCWE-285

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to v3.0.210412 on QTS 4.3.6; versions prior to v3.0.210411 on QTS 4.3.4; versions prior to v3.0.210411 on QTS 4.3.3; versions prior to v16.0.0419 on QuTS hero h4.5.1; versions prior to v16.0.0419 on QuTScloud c4.5.1~c4.5.4. This issue does not affect: QNAP Systems Inc. HBS 2 . QNAP Systems Inc. HBS 1.3 .

References

NVD MITRE CVE.org CISA KEV

Published

Embed this verdict
TruePositive verdict for CVE-2021-28799
Markdown
[![TruePositive verdict](https://www.truepositive.app/cve/CVE-2021-28799/badge.svg)](https://www.truepositive.app/cve/CVE-2021-28799)
HTML
<a href="https://www.truepositive.app/cve/CVE-2021-28799"><img src="https://www.truepositive.app/cve/CVE-2021-28799/badge.svg" alt="TruePositive verdict for CVE-2021-28799"></a>

Live badge — updates automatically as the community verdict changes.

Community ground truth

Community verdict

3 verdicts
Not a real issue

to add your verdict.

Community real-world severity: Critical (Critical 3) — CVSS base score 10

In line with its CVSS base score.

Field notes & remediation

Verdicts are the quick signal — notes are the evidence and fixes behind them.

No notes yet — be the first to share what you saw or a fix that worked.

    Related CVEs

    Same weaknessCWE-285.