Vulnerability Details CVE-2025-62840
A generation of error message containing sensitive information vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local network access, they can then exploit the vulnerability to read application data.
We have already fixed the vulnerability in the following version:
HBS 3 Hybrid Backup Sync 26.2.0.938 and later
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.8%
CVSS Severity
CVSS v3 Score 3.3
Products affected by CVE-2025-62840
-
cpe:2.3:a:qnap:hybrid_backup_sync:-
-
cpe:2.3:a:qnap:hybrid_backup_sync:13.0.0930
-
cpe:2.3:a:qnap:hybrid_backup_sync:14.0.1215
-
cpe:2.3:a:qnap:hybrid_backup_sync:15.0.0128
-
cpe:2.3:a:qnap:hybrid_backup_sync:15.1.0225
-
cpe:2.3:a:qnap:hybrid_backup_sync:16.0.0415
-
cpe:2.3:a:qnap:hybrid_backup_sync:16.0.0419
-
cpe:2.3:a:qnap:hybrid_backup_sync:17.0.0512
-
cpe:2.3:a:qnap:hybrid_backup_sync:17.1.0719
-
cpe:2.3:a:qnap:hybrid_backup_sync:17.2.0726
-
cpe:2.3:a:qnap:hybrid_backup_sync:18.0.1012
-
cpe:2.3:a:qnap:hybrid_backup_sync:18.0.1104
-
cpe:2.3:a:qnap:hybrid_backup_sync:18.0.1125
-
cpe:2.3:a:qnap:hybrid_backup_sync:19.0.0120
-
cpe:2.3:a:qnap:hybrid_backup_sync:19.0.0217
-
cpe:2.3:a:qnap:hybrid_backup_sync:19.0.0303
-
cpe:2.3:a:qnap:hybrid_backup_sync:19.1.0425
-
cpe:2.3:a:qnap:hybrid_backup_sync:19.1.0517
-
cpe:2.3:a:qnap:hybrid_backup_sync:20.0.0706
-
cpe:2.3:a:qnap:hybrid_backup_sync:21.0.0926
-
cpe:2.3:a:qnap:hybrid_backup_sync:21.1.1227
-
cpe:2.3:a:qnap:hybrid_backup_sync:21.2.0426
-
cpe:2.3:a:qnap:hybrid_backup_sync:21.2.0504
-
cpe:2.3:a:qnap:hybrid_backup_sync:21.2.0508
-
cpe:2.3:a:qnap:hybrid_backup_sync:21.2.0510
-
cpe:2.3:a:qnap:hybrid_backup_sync:21.2.0524
-
cpe:2.3:a:qnap:hybrid_backup_sync:22.0.0621
-
cpe:2.3:a:qnap:hybrid_backup_sync:22.0.0630
-
cpe:2.3:a:qnap:hybrid_backup_sync:22.1.0717
-
cpe:2.3:a:qnap:hybrid_backup_sync:23.0.0921
-
cpe:2.3:a:qnap:hybrid_backup_sync:23.1.1116
-
cpe:2.3:a:qnap:hybrid_backup_sync:24.0.0304
-
cpe:2.3:a:qnap:hybrid_backup_sync:24.1.0509
-
cpe:2.3:a:qnap:hybrid_backup_sync:24.1.0515
-
cpe:2.3:a:qnap:hybrid_backup_sync:24.1.0523
-
cpe:2.3:a:qnap:hybrid_backup_sync:24.1.0529
-
cpe:2.3:a:qnap:hybrid_backup_sync:25.0.0.406
-
cpe:2.3:a:qnap:hybrid_backup_sync:25.0.1.491
-
cpe:2.3:a:qnap:hybrid_backup_sync:25.1.0.627
-
cpe:2.3:a:qnap:hybrid_backup_sync:25.1.1.673
-
cpe:2.3:a:qnap:hybrid_backup_sync:25.1.2.692
-
cpe:2.3:a:qnap:hybrid_backup_sync:25.1.3.824
-
cpe:2.3:a:qnap:hybrid_backup_sync:25.1.4.952
-
cpe:2.3:a:qnap:hybrid_backup_sync:25.1.5.204
-
cpe:2.3:a:qnap:hybrid_backup_sync:25.1.6.342
-
cpe:2.3:a:qnap:hybrid_backup_sync:25.1.7.407
-
cpe:2.3:a:qnap:hybrid_backup_sync:26.0.0.594
-
cpe:2.3:a:qnap:hybrid_backup_sync:26.1.0.723
-
cpe:2.3:a:qnap:hybrid_backup_sync:26.1.2.827
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.190812
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.190829
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.190923
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.191016
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.191108
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.191115
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.191202
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.191209
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.200113
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.200212
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.200326
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.200413
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.200424
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.200529
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.200727
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.200805
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.210411
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.210412
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.210506
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.210507
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.210810
-
cpe:2.3:a:qnap:hybrid_backup_sync:3.0.210916