CVE-2025-62840
published 2026-01-02CVE-2025-62840: A generation of error message containing sensitive information vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local…
high7CVSS 4.0
AVPACLATNPRNUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A generation of error message containing sensitive information vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local network access, they can then exploit the vulnerability to read application data.
We have already fixed the vulnerability in the following version:
HBS 3 Hybrid Backup Sync 26.2.0.938 and later
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qnap | hybrid_backup_sync | < 26.2.0.938 | 26.2.0.938 |
| qnap_systems_inc | hbs_3_hybrid_backup_sync | >= 26.1.x < 26.2.0.938 | 26.2.0.938 |