QNAP QHora-322 miro_webserver_controllers_api_login_singIn Authentication Bypass Vulnerability

QNAP QHora-322 routers contain an authentication bypass vulnerability (CVE-2024-13088) that allows network-adjacent attackers to gain unauthorized access without credentials. This medium-severity flaw could enable attackers to access sensitive router functions and configurations. Security teams should prioritize patching affected QHora-322 devices and verify that network access to these routers is properly restricted to trusted hosts.