CVE-2026-41037

EPSS 0.2%
Veröffentlicht 21.04.2026 10:16:30
Zuletzt bearbeitet 06.05.2026 18:12:19
Quelle vdisclose@cert-in.org.in
CVE-Watchlists
Login
Unerledigt
Login

Missing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470

This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative credentials, leading to unauthorized access with root privileges on the targeted device.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qntmnet ≫ Qn-i-470 Firmware Version6.1.1.b1

Qntmnet ≫ Qn-i-470 Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.2%	0.093

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vdisclose@cert-in.org.in	8.7	0	0	CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-307 Improper Restriction of Excessive Authentication Attempts

The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0200

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-41037

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-41037

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-41037

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-41037