EUVD-2026-24079
GHSA-whhc-f8fh-m5cr
CVSS VectorNVD
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionNVD
This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands on the targeted device.
Successful exploitation of this vulnerability could allow the attacker to perform remote code execution with root privileges on the targeted device.
AnalysisAI
Remote code execution with root privileges in Quantum Networks router QN-I-470 version 6.1.1.B1 allows adjacent network attackers to execute arbitrary OS commands through the management CLI interface via command injection. The vulnerability requires no authentication (CVSS PR:N) and exploits inadequate input sanitization (CWE-78). …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Identify all QN-I-470 devices running version 6.1.1.B1 and document their network locations and dependencies. Within 7 days: Implement network segmentation to restrict management CLI access to authorized administrative networks only; apply access control lists to block non-admin traffic to management interfaces. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today