← Zuruck zu CVEs
CVE-2025-59389
CRITICAL9.8
Beschreibung
An SQL injection vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: Hyper Data Protector 2.2.4.1 and later
CVE Details
CVSS v3.1 Bewertung9.8
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht1/2/2026
Zuletzt geandert1/22/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
qnap:hyper_data_protector
Schwachen (CWE)
CWE-89
Referenzen
https://www.qnap.com/en/security-advisory/qsa-25-48(security@qnapsecurity.com.tw)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.