Never do that! Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
Start by checking the user input: use Integer.TryParse to convert it to an Integer value:
Dim quant As Integer
If Not Integer.TryParse(cl.Text, quant) Then
...
Return
End If
Then pass the converted value to SQL via a parameter:
cmd.CommandText = "SELECT * FROM tblprodinfo WHERE quantity < @QTY"
cmd.Parameters.AddwithValue("@QTY", quant)
rdr = cmd.ExecuteReader