Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands on the targeted device.
Successful exploitation of this vulnerability could allow the attacker to perform remote code execution with root privileges on the targeted device.
AnalysisAI
Remote code execution in Quantum Networks router QN-I-470 allows authenticated attackers to execute arbitrary OS commands as root via command injection in the management CLI interface. The vulnerability stems from inadequate input sanitization, enabling low-privileged authenticated users to escalate privileges to root level. CVSS 8.7 (Critical) reflects network-accessible exploitation with low complexity, requiring only low-privilege authentication. No active exploitation (CISA KEV) or public exploit code identified at time of analysis, but the authenticated nature and CLI access requirement limits exploitation to users with existing device credentials.
Technical ContextAI
This is a CWE-78 OS command injection vulnerability in the management Command Line Interface (CLI) of Quantum Networks router model QN-I-470 (CPE: cpe:2.3:a:quantum_networks:router_qn-i-470). The router's CLI interface fails to properly sanitize user-supplied input before passing it to underlying operating system command execution functions. When authenticated users interact with the management interface, specially crafted input containing shell metacharacters or command separators can break out of intended command contexts and execute arbitrary system commands. The vulnerability's scope is unchanged (SC:N/SI:N/SA:N in CVSS vector), meaning the attacker's commands execute within the router's existing security boundary but with elevated root privileges. The CLI management interface is typically network-accessible for remote administration, though attack vector depends on whether the management interface is exposed to untrusted networks.
RemediationAI
Contact Quantum Networks directly to obtain patched firmware for the QN-I-470 router model, as no specific fix version is published in available advisories. Monitor the CERT-In advisory CIVN-2026-0200 (https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0200) and Quantum Networks security bulletins for patch availability announcements. Until patching is possible, implement compensating controls: (1) Restrict management CLI access to dedicated administrative VLANs or jump hosts, removing internet or untrusted network exposure entirely-this prevents remote exploitation but limits operational flexibility for remote administration. (2) Enforce strong authentication with complex passwords or certificate-based authentication for all CLI accounts-this raises the bar for credential compromise but does not prevent exploitation by legitimate administrators or attackers who obtain valid credentials. (3) Implement network-level access controls (firewall rules, ACLs) limiting management interface connectivity to specific administrator IP addresses-this reduces attack surface but requires maintenance as administrator networks change. (4) Enable comprehensive CLI command logging and monitor for suspicious command patterns or privilege escalation attempts-this provides detection but not prevention. (5) If operational requirements permit, disable remote CLI access entirely and require console-only administration-this eliminates remote exploitation but significantly impacts operational efficiency. Evaluate trade-offs of each mitigation against organizational risk tolerance and operational requirements.
More in Router Qn I 470
View allInformation disclosure in Quantum Networks Router QN-I-470 version 6.1.1.B1 allows unauthenticated remote attackers to a
Remote code execution with root privileges in Quantum Networks router QN-I-470 version 6.1.1.B1 allows adjacent network
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-24077
GHSA-7f6p-98mw-r63r