SQL Injection in Qnap Systems Inc. Qurouter
CVE-2025-62846
An SQL injection vulnerability has been reported to affect QHora. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerabilit…
Vulnerability class: SQL Injection
EPSS: 0.000 (6.6th percentile) — read the EPSS interpretation.
Affected products
- Qnap Systems Inc. Qurouter — versions 2.6.x