Primary

Context

QNAP QuRouter Improper Neutralization of Control Sequences Vulnerability

Vulnerability

A vulnerability allowing improper neutralization of escape, meta, or control sequences has been identified in QNAP QuRouter versions 2.6.x. This vulnerability can be exploited by local attackers with administrator privileges to cause unexpected behavior in the application.

Impact

Exploitation of this vulnerability can lead to unexpected behavior in the application, potentially allowing for further exploitation or manipulation of the system.

Remediation

Users can update to QuRouter version 2.6.3.009 or later to address this vulnerability. Instructions for updating QuRouter are available on the QNAP website.

Added: Mar 20, 2026, 5:23 PM

Updated: Mar 20, 2026, 5:23 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

2.8

remediation

0.0

relevance

4.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

2.8

remediation

0.0

relevance

4.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

QNAP QuRouter Improper Neutralization of Control Sequences Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating