CVE-2026-41037
HIGHMissing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470
Title source: cnaDescription
This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative credentials, leading to unauthorized access with root privileges on the targeted device.
References (1)
Core 1
Core References
Third Party Advisory third-party-advisory
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0200
Scores
CVSS v3
8.8
EPSS
0.0020
EPSS Percentile
9.4%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-307
Status
published
Products (2)
qntmnet/qn-i-470_firmware
6.1.1.b1
Quantum Networks/Router QN-I-470
at 6.1.1.B1
Published
Apr 21, 2026
Tracked Since
Apr 21, 2026