Unrated severityNVD Advisory· Published Mar 12, 2026· Updated Mar 12, 2026
Hyper Data Protector
CVE-2025-59388
Description
A use of hard-coded password vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to gain unauthorized access.
We have already fixed the vulnerability in the following version: Hyper Data Protector 2.3.1.455 and later
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2.3.1.455
- QNAP Systems Inc./Hyper Data Protectorv5Range: 2.3.x
Patches
Vulnerability mechanics
References
1News mentions
1- ZDI-26-201: (Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin Hard-Coded Credentials Authentication Bypass VulnerabilityZero Day Initiative · Mar 16, 2026