HIGHCVE-2026-41039Published 2026-04-21Modified 2026-04-21CNA CERT-In

CVE-2026-41039: Information Disclosure Vulnerability in Quantum Networks Router QN-I-470

This vulnerability exists in Quantum Networks router due to improper access control and insecure default configuration in the web-based management interface. An unauthenticated attacker could exploit this vulnerability by accessing exposed API endpoints on the targeted device. Successful exploitation of this vulnerability could allow the attacker to access sensitive information, including internal endpoints, scripts and directories on the targeted device.

CVSS v4.0: 8.7
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

Quantum Networks / Router QN-I-470
at 6.1.1.B1

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

References

cert-in.org.in

Metrics