Missing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470

8.7 / 10

HIGH

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative credentials, leading to unauthorized access with root privileges on the targeted device.

AI Analysis

Missing rate limiting vulnerability allowing brute force attacks against administrative credentials

Basic Information

ID CVE-2026-41037

Source CERT-In

Published Apr 21, 2026 at 10:04

Modified Apr 21, 2026 at 10:11

Affected Product

Vendor Quantum Networks

Product Router QN-I-470

Version at 6.1.1.B1

Affected Versions Quantum Networks Router QN-I-470 at 6.1.1.B1

CWE Classification

CWE-307

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Quantum Networks

Product Router QN-I-470

Version 6.1.1.B1

References

www.cert-in.org.in /s2cMainServlet

{
    "lastseen": "",
    "description": "This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative credentials, leading to unauthorized access with root privileges on the targeted device.",
    "published": "2026-04-21T10:04:56.462Z",
    "modified": "2026-04-21T10:11:27.782Z",
    "type": "cve",
    "title": "Missing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470",
    "source": "CERT-In",
    "references": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0200",
    "id": "CVE-2026-41037",
    "bulletinFamily": "",
    "cwe": [
        "CWE-307"
    ],
    "cvelist": null,
    "sourceData": "Quantum Networks Router QN-I-470 at 6.1.1.B1",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Router QN-I-470",
    "version": "at 6.1.1.B1",
    "vendor": "Quantum Networks",
    "ai_description": "Missing rate limiting vulnerability allowing brute force attacks against administrative credentials",
    "ai_severity": "High",
    "ai_vendor": "Quantum Networks",
    "ai_product": "Router QN-I-470",
    "ai_version": "6.1.1.B1",
    "ai_score": 8.7
}

Missing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470_CVE-2026-41037