CVE-2026-41039

HIGH

Information Disclosure Vulnerability in Quantum Networks Router QN-I-470

Title source: cna

Description

This vulnerability exists in Quantum Networks router due to improper access control and insecure default configuration in the web-based management interface. An unauthenticated attacker could exploit this vulnerability by accessing exposed API endpoints on the targeted device. Successful exploitation of this vulnerability could allow the attacker to access sensitive information, including internal endpoints, scripts and directories on the targeted device.

References (1)

[Third Party Advisory] https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0200

Scores

CVSS v4 8.7

EPSS 0.0005

EPSS Percentile 16.7%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Details

CWE

CWE-306

Status published

Products (1)

Quantum Networks/Router QN-I-470 at 6.1.1.B1

Published Apr 21, 2026

Tracked Since Apr 21, 2026