Hyper Data Protector_CVE-2025-59389

8.1 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

Description

An SQL injection vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands.

We have already fixed the vulnerability in the following versions:
Hyper Data Protector 2.2.4.1 and later

Basic Information

ID CVE-2025-59389

Source qnap

Published Jan 2, 2026 at 15:51

Affected Product

Vendor QNAP Systems Inc.

Product Hyper Data Protector

Version 2.2.x

Affected Versions QNAP Systems Inc. Hyper Data Protector 2.2.x

CWE Classification

CWE-89

References

www.qnap.com /en/security-advisory/qsa-25-48

{
    "lastseen": "",
    "description": "An SQL injection vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands.\n\nWe have already fixed the vulnerability in the following versions:\nHyper Data Protector 2.2.4.1 and later",
    "published": "2026-01-02T15:51:48.998Z",
    "modified": "2026-01-02T15:51:48.998Z",
    "type": "cve",
    "title": "Hyper Data Protector",
    "source": "qnap",
    "references": "https://www.qnap.com/en/security-advisory/qsa-25-48",
    "id": "CVE-2025-59389",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "QNAP Systems Inc. Hyper Data Protector 2.2.x",
    "sourceHref": "",
    "cvss": {
        "score": 8.1,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Hyper Data Protector",
    "version": "2.2.x",
    "vendor": "QNAP Systems Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}