Taiwan-based network-attached storage (NAS) maker QNAP has addressed a critical security vulnerability enabling attackers to compromise vulnerable NAS devices’ security. The improper access control vulnerability tracked as CVE-2021-28809 was found by Ta-Lun Yen of TXOne IoT/ICS Security Research Labs in HBS 3 Hybrid Backup Sync, QNAP’s disaster recovery and data backup solution.
Read full article on Bleeping Computer