CVE-2026-41037 — HIGH (8.8)

Vulnerability Description

This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative credentials, leading to unauthorized access with root privileges on the targeted device.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Qntmnet	Qn-I-470 Firmware	6.1.1.b1
Qntmnet	Qn-I-470	-

Related Weaknesses (CWE)

CWE-307

References

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0PatchVendor Advisory

FAQ

What is CVE-2026-41037?

CVE-2026-41037 is a vulnerability with a CVSS score of 8.8 (HIGH). This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same networ...

How severe is CVE-2026-41037?

CVE-2026-41037 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-41037?

Check the references section above for vendor advisories and patch information. Affected products include: Qntmnet Qn-I-470 Firmware, Qntmnet Qn-I-470.