Qnap

Qurouter

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
0.9

CVE-2025-62843

  • EPSS 0.02%
  • Veröffentlicht 20.03.2026 16:22:02
  • Zuletzt bearbeitet 20.03.2026 17:16:42

An improper restriction of communication channel to intended endpoints vulnerability has been reported to affect QHora. If an attacker gains physical access, they can then exploit the vulnerability to gain the privileges that were intended for the or...

4

CVE-2025-62844

  • EPSS 0.02%
  • Veröffentlicht 20.03.2026 16:21:56
  • Zuletzt bearbeitet 20.03.2026 17:16:42

A weak authentication vulnerability has been reported to affect QHora. If an attacker gains local network access, they can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version...

5.6

CVE-2025-62845

Medienbericht
  • EPSS 0.01%
  • Veröffentlicht 20.03.2026 16:21:51
  • Zuletzt bearbeitet 20.03.2026 17:16:42

An improper neutralization of escape, meta, or control sequences vulnerability has been reported to affect QHora. If a local attacker gains an administrator account, they can then exploit the vulnerability to cause unexpected behavior. We have alrea...

7.3

CVE-2025-62846

  • EPSS 0.02%
  • Veröffentlicht 20.03.2026 16:21:46
  • Zuletzt bearbeitet 20.03.2026 17:16:43

An SQL injection vulnerability has been reported to affect QHora. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the fo...

7.2

CVE-2025-29887

  • EPSS 0.1%
  • Veröffentlicht 29.08.2025 17:14:32
  • Zuletzt bearbeitet 24.09.2025 18:11:51

A command injection vulnerability has been reported to affect QuRouter 2.5.1. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the ...

7.8

CVE-2024-13088

  • EPSS 0.03%
  • Veröffentlicht 06.06.2025 15:53:09
  • Zuletzt bearbeitet 24.09.2025 20:32:05

An improper authentication vulnerability has been reported to affect QHora. If an attacker gains local network access, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the f...

6.7

CVE-2024-13087

  • EPSS 0.03%
  • Veröffentlicht 06.06.2025 15:53:04
  • Zuletzt bearbeitet 24.09.2025 20:32:32

A command injection vulnerability has been reported to affect QHora. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixe...

7.2

CVE-2024-53700

  • EPSS 0.2%
  • Veröffentlicht 07.03.2025 17:15:20
  • Zuletzt bearbeitet 24.09.2025 20:32:44

A command injection vulnerability has been reported to affect QHora. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the foll...

9.8

CVE-2024-50390

  • EPSS 0.41%
  • Veröffentlicht 07.03.2025 17:15:19
  • Zuletzt bearbeitet 24.09.2025 20:32:59

A command injection vulnerability has been reported to affect QHora. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.5.032 and...

9.8

CVE-2024-50389

  • EPSS 1.6%
  • Veröffentlicht 06.12.2024 17:15:09
  • Zuletzt bearbeitet 24.09.2025 19:18:32

A SQL injection vulnerability has been reported to affect QuRouter. If exploited, the vulnerability could allow remote attackers to inject malicious code. We have already fixed the vulnerability in the following version: QuRouter 2.4.5.032 and later