CVE-2026-41038
Received Received - Intake
Weak Password Policy Enables Unauthorized Access in Quantum Router

Publication date: 2026-04-21

Last updated on: 2026-05-06

Assigner: Indian Computer Emergency Response Team (CERT-In)

Description
This vulnerability exists in Quantum Networks router due to lack of enforcement of strong password policies in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing password guessing or brute-force attacks against user accounts, leading to unauthorized access to the targeted device.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-21
Last Modified
2026-05-06
Generated
2026-06-16
AI Q&A
2026-04-22
EPSS Evaluated
2026-06-15
NVD
CVE-2026-41038
EUVD
EUVD-2026-24083
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
qntmnet qn-i-470_firmware 6.1.1.b1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-521 The product does not require that users should have strong passwords.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Detection Guidance

This vulnerability involves weak or absent enforcement of strong password policies on the Quantum Networks router's web-based management interface, which can be exploited via password guessing or brute-force attacks.

To detect this vulnerability on your network or system, you can monitor for repeated failed login attempts to the router's management interface, which may indicate brute-force or password guessing attacks.

Specific commands or tools to detect such activity are not provided in the available information.

Mitigation Strategies

To mitigate this vulnerability, it is important to enforce strong password policies on the Quantum Networks router's web-based management interface to prevent password guessing or brute-force attacks.

  • Implement complex and strong passwords for all user accounts.
  • Limit login attempts to reduce the risk of brute-force attacks.
  • Restrict management interface access to trusted network segments or IP addresses.
  • Monitor login attempts and audit logs for suspicious activity.
Executive Summary

This vulnerability exists in Quantum Networks routers because the web-based management interface does not enforce strong password policies.

An attacker on the same network can exploit this by performing password guessing or brute-force attacks against user accounts.

Successful exploitation can lead to unauthorized access to the targeted device.

Impact Analysis

If exploited, this vulnerability can allow an attacker to gain unauthorized access to your Quantum Networks router.

Unauthorized access could lead to compromise of network security, potential interception or manipulation of network traffic, and disruption of network services.

Compliance Impact

This vulnerability allows unauthorized access to the Quantum Networks router due to weak password policy enforcement, which could lead to exposure of sensitive data or disruption of network services.

Such unauthorized access risks non-compliance with common standards and regulations like GDPR and HIPAA, which require strong access controls and protection of personal and sensitive information.

Failure to enforce strong password policies may result in violations of these regulations' requirements for safeguarding data confidentiality and integrity.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-41038. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart