Vulnerability in Qnap Qgd-1600p
CVE-2021-28813
A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote attackers to read sensitive information b…
EPSS: 0.011 (60.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 9.6 (Critical). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H.
Affected products
- Qnap Qgd-1600p
- Qnap Qgd-1602p
- Qnap Qgd-3014pt
- Qnap Qsw-m2116p-2t2s
- Qnap Qsw-m2116p-2t2s_firmware
- Qnap Qunetswitch
- Qnap Systems Inc. Qsw-m2116p-2t2s — versions unspecified
- Qnap Systems Inc. Qunetswitch — versions unspecified
Weakness classification (CWE)
References
- security@qnapsecurity.com.tw (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2021-28813?
- CVE-2021-28813 is a critical-severity vulnerability in Qnap Qgd-1600p, classified under Use of Hard-coded Password. CVSS score: 9.6/10. Published 2021-09-10.
- How severe is CVE-2021-28813?
- Critical severity. CVSS v3 base score is 9.6 out of 10.