Hybrid Backup Sync
CVE-2025-62840
LOW
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
A generation of error message containing sensitive information vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local network access, they can then exploit the vulnerability to read application data.
We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 26.2.0.938 and later
AnalysisAI
A generation of error message containing sensitive information vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local network access, they can then exploit the vulnerability to read application data. [CVSS 3.3 LOW]
Technical ContextAI
Classified as CWE-209 (Error Message Information Leak). Affects Hybrid Backup Sync. A generation of error message containing sensitive information vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local network access, they can then exploit the vulnerability to read application data.
We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 26.2.0.938 and later
RemediationAI
Monitor vendor advisories for a patch.
More in Hybrid Backup Sync
View allAn improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. Rated cr
An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3. Rated critical se
An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. Rated critical severity (CVS
An external control of file name or path vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attac
A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. Rated medium severity (CVSS 6.3),
Same weakness CWE-209 – Error Message Information Leak
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today