EUVD-2026-24077
GHSA-7f6p-98mw-r63r
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionNVD
This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands on the targeted device.
Successful exploitation of this vulnerability could allow the attacker to perform remote code execution with root privileges on the targeted device.
AnalysisAI
Remote code execution in Quantum Networks router QN-I-470 allows authenticated attackers to execute arbitrary OS commands as root via command injection in the management CLI interface. The vulnerability stems from inadequate input sanitization, enabling low-privileged authenticated users to escalate privileges to root level. …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Inventory all QN-I-470 deployments and document current firmware versions; restrict management CLI access to defined administrative accounts only and disable remote management if operationally feasible. Within 7 days: Implement network segmentation isolating management interfaces to restricted subnets; enforce multi-factor authentication for all administrative access; review access logs for unauthorized CLI activity. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today