QNAP QHora-322 ip6_wanifset Improper Restriction of Communication Channel to Intended Endpoints Firewall Bypass Vulnerability

QNAP QHora-322 routers contain a firewall bypass vulnerability (CVE-2025-62843) that allows network-adjacent attackers to circumvent configured firewall rules without requiring authentication. This medium-severity flaw could enable attackers to access restricted network resources or services that should be blocked by the router's security controls. Security teams should prioritize patching affected QHora-322 devices and review firewall rule implementations to identify any unauthorized access that may have occurred.