CVE-2025-62844Weak Authentication in Systems INC Qurouter

CWE-1390Weak Authentication3 documents3 sources
Severity
4.0MEDIUMNVD
EPSS
0.0%
top 92.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Qnap Systems INC Qurouter
Timeline
PublishedMar 20

Description

A weak authentication vulnerability has been reported to affect QHora. If an attacker gains local network access, they can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version: QuRouter 2.6.2.007 and later

CVSS vector

CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages1 packages

CVEListV5qnap_systems_inc/qurouter2.6.x2.6.2.007

🔴Vulnerability Details

2
CVEList
QuRouter2026-03-20
GHSA
GHSA-5gfx-m376-wpjr: A weak authentication vulnerability has been reported to affect QHora2026-03-20
CVE-2025-62844 — Weak Authentication | cvebase