CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-62843

An improper restriction of communication channel to intended endpoints vulnerability has been reported to affect QHora. If an attacker gains physical access, they can then exploit the vulnerability to gain the privileges that were intended for the original endpoint. We have already fixed the vulnerability in the following version: QuRouter 2.6.3.009 and later

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.2%

CVSS Severity

CVSS v3 Score 6.8

References

https://www.qnap.com/en/security-advisory/qsa-26-12

Products affected by CVE-2025-62843

Qnap » Qurouter » Version: 2.6.0.239

cpe:2.3:o:qnap:qurouter:2.6.0.239
Qnap » Qurouter » Version: 2.6.0.688

cpe:2.3:o:qnap:qurouter:2.6.0.688
Qnap » Qurouter » Version: 2.6.1.028

cpe:2.3:o:qnap:qurouter:2.6.1.028
Qnap » Qurouter » Version: 2.6.2.007

cpe:2.3:o:qnap:qurouter:2.6.2.007

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-62843

Products

Pricing

Contact Us