Severity by source
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
This vulnerability exists in Quantum Networks router due to lack of enforcement of strong password policies in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing password guessing or brute-force attacks against user accounts, leading to unauthorized access to the targeted device.
AnalysisAI
Weak password policy enforcement in Quantum Networks router QN-I-470 version 6.1.1.B1 enables adjacent network attackers to gain unauthorized administrative access through password brute-force attacks. CVSS 7.6 reflects adjacent network requirement (AV:A) and high complexity (AC:H), limiting exploitation to attackers already on the local network segment. No active exploitation confirmed (not in CISA KEV), but authentication bypass via brute-force is a well-understood attack primitive requiring only network proximity and time.
Technical ContextAI
The vulnerability stems from CWE-521 (Weak Password Requirements), where the router's web-based management interface fails to enforce strong password policies such as minimum complexity requirements, account lockout mechanisms, or rate limiting on authentication attempts. The affected product is Quantum Networks router model QN-I-470 version 6.1.1.B1 (CPE: cpe:2.3:a:quantum_networks:router_qn-i-470:*:*:*:*:*:*:*:*). The CVSS 4.0 vector indicates Adjacent Network attack vector (AV:A), meaning the attacker must be on the same network segment as the device, and High attack complexity (AC:H), suggesting specific timing, conditions, or reconnaissance may be required beyond simple credential stuffing. The lack of password policy enforcement at the application layer allows unlimited authentication attempts without detection or throttling, converting what should be a computationally infeasible brute-force attack into a practical exploitation path given sufficient time and resources.
RemediationAI
Apply vendor-supplied firmware update addressing CIVN-2026-0200 if available from Quantum Networks; consult CERT-In advisory at https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0200 for specific patch version. No patched firmware version independently confirmed from available data at time of analysis. If patching is delayed, implement compensating controls with understanding of their operational trade-offs: (1) Enforce network segmentation to isolate router management interfaces to dedicated administrative VLANs accessible only from hardened jump hosts, reducing adjacent network attack surface but requiring VLAN reconfiguration and potential management workflow changes. (2) Deploy rate-limiting or Web Application Firewall rules to throttle authentication attempts to the web management interface (e.g., maximum 3 failed attempts per source IP per 5 minutes), though this may impact legitimate administrative access during credential issues. (3) Disable web-based management interface entirely and restrict device administration to console access or SSH with public-key authentication only, eliminating the vulnerable attack surface but increasing administrative overhead for remote management scenarios. (4) Implement continuous monitoring of authentication logs for brute-force patterns (multiple failed login attempts from single source IPs) with automated alerting, which detects but does not prevent exploitation.
More in Brute Force
View allRuggedCom Rugged Operating System (ROS) before 3.3 has a factory account with a password derived from the MAC Address fi
An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity
Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits o
Critical authentication bypass vulnerability in OpenC3 COSMOS v6.0.0 caused by weak password requirements that enable br
QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immedia
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator account creatio
Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0. Rated critical severity (CVSS 9.8), this
Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20. Rated critical severity (CVSS 9.8)
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.12. Rated critical severity (CVSS 9.8), t
Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) has a Weak password vulnerability. R
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8. Rated critical severity (CVSS 9.8), th
Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2. Rated critical severity (CVSS 9.8), this
Same weakness CWE-521 – Weak Password Requirements
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-24083
GHSA-mqx2-c63m-7p93