GCVE - cpe:2.3:a:qnap_systems_inc.:hbs_3:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:qnap_systems_inc.:hbs_3:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Qnap Systems Inc. (`1f66ac1e-0889-51bf-b27f-24c7175e5920`)
Product	Hbs 3 (`a22f13fd-c0bc-5264-95c2-66429e013fd8`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-28809`	vulnerable	2026-06-03 14:44:18.805803	Missing Authentication for Critical Function in RTRR Server in HBS3 CRITICAL (9.8) An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3. If exploited, this vulnerability allows attackers to compromise the security of the operating system.QNAP have already fixed this vulnerability in the following versions of HBS 3: QTS 4.3.6: HBS 3 v3.0.210507 and later QTS 4.3.4: HBS 3 v3.0.210506 and later QTS 4.3.3: HBS 3 v3.0.210506 and later Published: 2021-07-08T07:40:12.294Z Updated: 2024-09-17T00:36:54.377Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/qsa-21-19 https://www.zerodayinitiative.com/advisories/ZDI-21-783/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-28799`	vulnerable	2026-06-03 14:44:18.768877	Improper Authorization Vulnerability in HBS 3 (Hybrid Backup Sync) CRITICAL (10) An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to v3.0.210412 on QTS 4.3.6; versions prior to v3.0.210411 on QTS 4.3.4; versions prior to v3.0.210411 on QTS 4.3.3; versions prior to v16.0.0419 on QuTS hero h4.5.1; versions prior to v16.0.0419 on QuTScloud c4.5.1~c4.5.4. This issue does not affect: QNAP Systems Inc. HBS 2 . QNAP Systems Inc. HBS 1.3 . Published: 2021-05-13T02:55:13.827Z Updated: 2025-10-21T23:25:45.551Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/QSA-21-13	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.