CVE-2026-41038
Weak Password Policy Enables Unauthorized Access in Quantum Router
Publication date: 2026-04-21
Last updated on: 2026-05-06
Assigner: Indian Computer Emergency Response Team (CERT-In)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qntmnet | qn-i-470_firmware | 6.1.1.b1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-521 | The product does not require that users should have strong passwords. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves weak or absent enforcement of strong password policies on the Quantum Networks router's web-based management interface, which can be exploited via password guessing or brute-force attacks.
To detect this vulnerability on your network or system, you can monitor for repeated failed login attempts to the router's management interface, which may indicate brute-force or password guessing attacks.
Specific commands or tools to detect such activity are not provided in the available information.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, it is important to enforce strong password policies on the Quantum Networks router's web-based management interface to prevent password guessing or brute-force attacks.
- Implement complex and strong passwords for all user accounts.
- Limit login attempts to reduce the risk of brute-force attacks.
- Restrict management interface access to trusted network segments or IP addresses.
- Monitor login attempts and audit logs for suspicious activity.
Can you explain this vulnerability to me?
This vulnerability exists in Quantum Networks routers because the web-based management interface does not enforce strong password policies.
An attacker on the same network can exploit this by performing password guessing or brute-force attacks against user accounts.
Successful exploitation can lead to unauthorized access to the targeted device.
How can this vulnerability impact me? :
If exploited, this vulnerability can allow an attacker to gain unauthorized access to your Quantum Networks router.
Unauthorized access could lead to compromise of network security, potential interception or manipulation of network traffic, and disruption of network services.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows unauthorized access to the Quantum Networks router due to weak password policy enforcement, which could lead to exposure of sensitive data or disruption of network services.
Such unauthorized access risks non-compliance with common standards and regulations like GDPR and HIPAA, which require strong access controls and protection of personal and sensitive information.
Failure to enforce strong password policies may result in violations of these regulations' requirements for safeguarding data confidentiality and integrity.