CVE-2025-62843

MEDIUM

QNAP QuRouter < 2.6.3.009 - Physical Endpoint Privilege Bypass

Title source: manual

Description

An improper restriction of communication channel to intended endpoints vulnerability has been reported to affect QHora. If an attacker gains physical access, they can then exploit the vulnerability to gain the privileges that were intended for the original endpoint. We have already fixed the vulnerability in the following version: QuRouter 2.6.3.009 and later

References (1)

Core 1

Core References

https://www.qnap.com/en/security-advisory/qsa-26-12

Scores

CVSS v3 6.8

EPSS 0.0003

EPSS Percentile 7.7%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-923

Status published

Products (5)

qnap/qurouter 2.6.0.239 build_20250625

qnap/qurouter 2.6.0.688 build_20250818

qnap/qurouter 2.6.1.028 build_20251001

qnap/qurouter 2.6.2.007 build_20251027

QNAP Systems Inc./QuRouter 2.6.x - 2.6.3.009

Published Mar 20, 2026

Tracked Since Mar 20, 2026