CVE-2026-41037

HIGH

Missing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470

Title source: cna

Description

This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative credentials, leading to unauthorized access with root privileges on the targeted device.

References (1)

[Third Party Advisory] https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0200

Scores

CVSS v4 8.7

EPSS 0.0002

EPSS Percentile 6.1%

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Details

CWE

CWE-307

Status published

Products (1)

Quantum Networks/Router QN-I-470 at 6.1.1.B1

Published Apr 21, 2026

Tracked Since Apr 21, 2026