CVE-2026-41037— Missing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-41037
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470
Source: NVD (National Vulnerability Database)
Vulnerability Description
This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative credentials, leading to unauthorized access with root privileges on the targeted device.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
过多认证尝试的限制不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Quantum Networks router 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Quantum Networks router是印度Quantum Networks公司的一款网络路由设备。 Quantum Networks router存在安全漏洞,该漏洞源于基于Web的管理界面缺少登录失败速率限制和CAPTCHA保护,可能导致同一网络上的攻击者对管理员凭据进行暴力破解,获得未经授权的root权限访问。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Quantum Networks | Router QN-I-470 | at 6.1.1.B1 | - |
II. Public POCs for CVE-2026-41037
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-41037
请登录查看更多情报信息。
Same Patch Batch · Quantum Networks · 2026-04-21 · 4 CVEs total
| CVE-2026-41036 | Command Injection Vulnerability in Quantum Networks Router QN-I-470 | |
| CVE-2026-41039 | Information Disclosure Vulnerability in Quantum Networks Router QN-I-470 | |
| CVE-2026-41038 | Weak Password Policy Vulnerability in Quantum Networks Router QN-I-470 |
IV. Related Vulnerabilities
Same weakness: CWE-307
- CVE-2026-41893
Signal K Server's WebSocket Login Endpoint Lacks Rate Limiti - CVE-2025-2514
Improper Restriction of Excessive Authentication Attempts vu - CVE-2023-54347
OpenEMR 7.0.1 Authentication Brute Force Mitigation Bypass - CVE-2026-7671
CodeWise Tornet Scooter Mobile App TwoFactor excessive authe - CVE-2026-26206
Wazuh: API brute-force protection bypass via race condition
V. Comments for CVE-2026-41037
No comments yet