EUVD-2026-24084
GHSA-v758-4p42-wqcm
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionNVD
This vulnerability exists in Quantum Networks router due to improper access control and insecure default configuration in the web-based management interface. An unauthenticated attacker could exploit this vulnerability by accessing exposed API endpoints on the targeted device.
Successful exploitation of this vulnerability could allow the attacker to access sensitive information, including internal endpoints, scripts and directories on the targeted device.
AnalysisAI
Information disclosure in Quantum Networks Router QN-I-470 version 6.1.1.B1 allows unauthenticated remote attackers to access sensitive internal data including API endpoints, scripts, and directories through exposed web management interface. Vulnerability stems from improper access control and insecure default configuration (CWE-306). …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Identify all Quantum Networks Router QN-I-470 devices running version 6.1.1.B1 in production and isolated network environments; document their network location and criticality. Within 7 days: Isolate affected devices from untrusted networks; implement network-level access controls restricting management interface exposure to authorized administrative networks only; enable request logging on web management interfaces. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today