Severity by source
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
7DescriptionCVE.org
This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands on the targeted device.
Successful exploitation of this vulnerability could allow the attacker to perform remote code execution with root privileges on the targeted device.
AnalysisAI
Remote code execution with root privileges in Quantum Networks router QN-I-470 version 6.1.1.B1 allows adjacent network attackers to execute arbitrary OS commands through the management CLI interface via command injection. The vulnerability requires no authentication (CVSS PR:N) and exploits inadequate input sanitization (CWE-78). Adjacent network access (AV:A) limits attack surface to local network segments. No active exploitation (CISA KEV) or public exploit code identified at time of analysis, though EPSS data unavailable to assess real-world exploitation probability.
Technical ContextAI
This is an OS command injection vulnerability (CWE-78) affecting the management Command Line Interface (CLI) of Quantum Networks router QN-I-470 firmware version 6.1.1.B1 (CPE: cpe:2.3:a:quantum_networks:router_qn-i-470:*:*:*:*:*:*:*:*). Command injection occurs when applications pass unsanitized user input directly to system shell interpreters, allowing attackers to append malicious commands using shell metacharacters (semicolons, pipes, backticks). The CLI interface - typically accessed via SSH, Telnet, or serial console - fails to properly validate input before passing it to underlying OS command execution functions. With root-level execution context typical in network device management interfaces, successful injection bypasses all OS-level access controls, granting complete device control. The CVSS 4.0 vector confirms Adjacent network attack vector (AV:A), meaning the attacker must be on the same broadcast domain or VLAN as the router's management interface, which reduces exposure compared to internet-facing vulnerabilities but remains critical in enterprise environments where internal network segmentation may be weak.
RemediationAI
Consult CERT-In advisory CIVN-2026-0200 at https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0200 for vendor-recommended fixes - no patched firmware version independently confirmed from available data sources. As compensating controls until patch deployment: restrict management CLI access using access control lists (ACLs) to permit only known administrator IP addresses, eliminating adjacent network attack surface but requiring maintenance of administrator IP whitelist; deploy management interfaces on isolated VLANs with strict firewall rules preventing lateral movement from user VLANs, reducing but not eliminating risk from compromised adjacent hosts; disable unused management protocols (Telnet if SSH available, HTTP if HTTPS available) to reduce attack surface, noting this does not address the underlying injection flaw; implement network access control (802.1X) on management VLANs to prevent unauthorized device connections, adding authentication layer but increasing operational complexity. Monitor CLI access logs for unusual command patterns or failures. Contact Quantum Networks support directly for patch timeline if not specified in CERT-In advisory.
More in Router Qn I 470
View allRemote code execution in Quantum Networks router QN-I-470 allows authenticated attackers to execute arbitrary OS command
Information disclosure in Quantum Networks Router QN-I-470 version 6.1.1.B1 allows unauthenticated remote attackers to a
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-24079
GHSA-whhc-f8fh-m5cr