Search criteria
15 vulnerabilities
CVE-2026-0404 (GCVE-0-2026-0404)
Vulnerability from cvelistv5 – Published: 2026-01-13 16:01 – Updated: 2026-01-13 16:25
VLAI?
Title
Insufficient input validation in NETGEAR Orbi routers
Summary
An insufficient input validation vulnerability in NETGEAR Orbi devices'
DHCPv6 functionality allows network adjacent attackers authenticated
over WiFi or on LAN to execute OS command injections on the router.
DHCPv6 is not enabled by default.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| NETGEAR | RBRE960 |
Affected:
0 , < v7.2.8.5
(custom)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Hyunseok Yun
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0404",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T16:24:39.262353Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:25:13.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RBRE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbre960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbse960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbre950:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbse950:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr840:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs840:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Hyunseok Yun"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn insufficient input validation vulnerability in NETGEAR Orbi devices\u0027 \nDHCPv6 functionality\u0026nbsp;allows network adjacent attackers authenticated \nover\u0026nbsp;WiFi or on LAN\u0026nbsp;to execute OS command injections on the router. \nDHCPv6 is not enabled by default.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An insufficient input validation vulnerability in NETGEAR Orbi devices\u0027 \nDHCPv6 functionality\u00a0allows network adjacent attackers authenticated \nover\u00a0WiFi or on LAN\u00a0to execute OS command injections on the router. \nDHCPv6 is not enabled by default."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:22:30.971Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbre960"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbse960"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr850"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs850"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr860"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs860"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbre950"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbse950"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr750"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs750"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr840"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs840"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch \napplied. If not, please check the firmware version and update it to the \nlatest.\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eRBR750\u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr750\"\u003e firmware v7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR840 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr840\"\u003efirmware v7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR850 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr850\"\u003efirmware v7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR860 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr860\"\u003efirmware v7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS750 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs750\"\u003efirmware v7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS840 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs840\"\u003efirmware v7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS850 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs850\"\u003efirmware v7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS860 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs860\"\u003efirmware v7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE950\u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbre950\"\u003e firmware v7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE960 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbre960\"\u003efirmware v7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE950 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbse950\"\u003efirmware v7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE960 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbse960\"\u003efirmware v7.2.8.5 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch \napplied. If not, please check the firmware version and update it to the \nlatest.\n\n\n\nFixed in:\n\n\n\n\n\nRBR750 firmware v7.2.8.5 or later https://www.netgear.com/support/product/rbr750 \nRBR840 firmware v7.2.8.5 or later https://www.netgear.com/support/product/rbr840 \nRBR850 firmware v7.2.8.5 or later https://www.netgear.com/support/product/rbr850 \nRBR860 firmware v7.2.8.5 or later https://www.netgear.com/support/product/rbr860 \nRBS750 firmware v7.2.8.5 or later https://www.netgear.com/support/product/rbs750 \nRBS840 firmware v7.2.8.5 or later https://www.netgear.com/support/product/rbs840 \nRBS850 firmware v7.2.8.5 or later https://www.netgear.com/support/product/rbs850 \nRBS860 firmware v7.2.8.5 or later https://www.netgear.com/support/product/rbs860 \nRBRE950 firmware v7.2.8.5 or later https://www.netgear.com/support/product/rbre950 \nRBRE960 firmware v7.2.8.5 or later https://www.netgear.com/support/product/rbre960 \nRBSE950 firmware v7.2.8.5 or later https://www.netgear.com/support/product/rbse950 \nRBSE960 firmware v7.2.8.5 or later https://www.netgear.com/support/product/rbse960"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient input validation in NETGEAR Orbi routers",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0404",
"datePublished": "2026-01-13T16:01:14.944Z",
"dateReserved": "2025-12-03T04:16:10.186Z",
"dateUpdated": "2026-01-13T16:25:13.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0408 (GCVE-0-2026-0408)
Vulnerability from cvelistv5 – Published: 2026-01-13 16:01 – Updated: 2026-01-13 16:38
VLAI?
Title
Path traversal vulnerability in Netgear WiFi Range Extenders
Summary
A path traversal vulnerability in NETGEAR WiFi range extenders allows
an attacker with LAN authentication to access the router's IP and
review the contents of the dynamically generated webproc file, which
records the username and password submitted to the router GUI.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
Credits
chiphazard
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0408",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T16:37:32.972674Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:38:45.105Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EX5000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX3110",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6110",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX2800",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex5000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3110:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6110:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex2800:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "chiphazard"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA path traversal vulnerability in NETGEAR WiFi range extenders allows\n an attacker with LAN authentication to access the router\u0027s IP and \nreview the contents of the dynamically generated webproc file, which \nrecords the username and password submitted to the router GUI.\u0026nbsp;\u003c/p\u003e"
}
],
"value": "A path traversal vulnerability in NETGEAR WiFi range extenders allows\n an attacker with LAN authentication to access the router\u0027s IP and \nreview the contents of the dynamically generated webproc file, which \nrecords the username and password submitted to the router GUI."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:22:13.288Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex5000"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3110"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6110"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex2800"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eManually check the firmware version and update it to the latest.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003e\u003cspan\u003eEX2800\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex2800\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX3110\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex3110\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX5000 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex5000\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX6110\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex6110\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Manually check the firmware version and update it to the latest.\n\n\n\n\n\nFixed in:\n\nEX2800\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex2800 \nEX3110\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex3110 \nEX5000 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex5000 \nEX6110\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex6110"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Path traversal vulnerability in Netgear WiFi Range Extenders",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0408",
"datePublished": "2026-01-13T16:01:11.201Z",
"dateReserved": "2025-12-03T04:16:14.964Z",
"dateUpdated": "2026-01-13T16:38:45.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0407 (GCVE-0-2026-0407)
Vulnerability from cvelistv5 – Published: 2026-01-13 16:01 – Updated: 2026-01-13 18:47
VLAI?
Title
Authentication bypass in NETGEAR WiFi Range Extenders via network adjacent attacks
Summary
An insufficient authentication vulnerability in NETGEAR WiFi range
extenders allows a network adjacent attacker with WiFi authentication or
a physical Ethernet port connection to bypass the authentication
process and access the admin panel.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
Credits
Mad_Max
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0407",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T18:47:17.569193Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T18:47:48.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EX5000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX3110",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6110",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX2800",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex5000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3110:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6110:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex2800:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mad_Max"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn insufficient authentication vulnerability in NETGEAR WiFi range \nextenders allows a network adjacent attacker with WiFi authentication\u0026nbsp;or\n a physical\u0026nbsp;Ethernet port connection to bypass the authentication \nprocess and access the admin panel.\u003c/p\u003e"
}
],
"value": "An insufficient authentication vulnerability in NETGEAR WiFi range \nextenders allows a network adjacent attacker with WiFi authentication\u00a0or\n a physical\u00a0Ethernet port connection to bypass the authentication \nprocess and access the admin panel."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:21:52.087Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex5000"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3110"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6110"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex2800"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eManually check the firmware version and update it to the latest.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\n\n\u003cp\u003e\u003cspan\u003eEX2800\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex2800\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX3110\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex3110\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX5000 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex5000\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX6110\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex6110\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Manually check the firmware version and update it to the latest.\n\n\n\n\n\nFixed in:\n\n\n\nEX2800\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex2800 \nEX3110\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex3110 \nEX5000 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex5000 \nEX6110\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex6110"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Authentication bypass in NETGEAR WiFi Range Extenders via network adjacent attacks",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0407",
"datePublished": "2026-01-13T16:01:04.157Z",
"dateReserved": "2025-12-03T04:16:13.882Z",
"dateUpdated": "2026-01-13T18:47:48.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0406 (GCVE-0-2026-0406)
Vulnerability from cvelistv5 – Published: 2026-01-13 16:00 – Updated: 2026-01-13 18:49
VLAI?
Title
Insufficient input validation in NETGEAR Nighthawk router XR1000v2
Summary
An insufficient input validation vulnerability in the NETGEAR XR1000v2
allows attackers connected to the router's LAN to execute OS command
injections.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Credits
o4ncL1
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0406",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T18:49:08.387722Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T18:49:23.178Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "XR1000v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.1.0.22",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xr1000v2:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.1.0.22",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "o4ncL1"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn insufficient input validation vulnerability in the NETGEAR XR1000v2 \nallows attackers connected to the router\u0027s LAN\u0026nbsp;to execute OS command \ninjections.\u0026nbsp;\u003c/p\u003e"
}
],
"value": "An insufficient input validation vulnerability in the NETGEAR XR1000v2 \nallows attackers connected to the router\u0027s LAN\u00a0to execute OS command \ninjections."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/S:N/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:21:33.600Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000v2"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this\npatch applied. If not, please check the firmware version and update it to the\nlatest.\u003c/p\u003e\u003cp\u003eFixed in:\u003c/p\u003e\u003cdiv\u003eXR1000v2 \u003ca href=\"https://www.netgear.com/support/product/xr1000v2\"\u003eFirmware v\u003cstrong\u003e1.1.2.34\u003c/strong\u003e\u0026nbsp;or later\u003c/a\u003e\u003c/div\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this\npatch applied. If not, please check the firmware version and update it to the\nlatest.\n\nFixed in:\n\nXR1000v2 Firmware v1.1.2.34\u00a0or later https://www.netgear.com/support/product/xr1000v2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient input validation in NETGEAR Nighthawk router XR1000v2",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0406",
"datePublished": "2026-01-13T16:00:59.458Z",
"dateReserved": "2025-12-03T04:16:12.706Z",
"dateUpdated": "2026-01-13T18:49:23.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0405 (GCVE-0-2026-0405)
Vulnerability from cvelistv5 – Published: 2026-01-13 16:00 – Updated: 2026-01-13 18:51
VLAI?
Title
Authentication Bypass in NETGEAR Orbi Devices
Summary
An authentication bypass vulnerability in NETGEAR Orbi devices allows
users connected to the local network to access the router web interface
as an admin.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| NETGEAR | RBE970 |
Affected:
0 , < v9.13.2.1
(custom)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Fulaige
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0405",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T18:50:42.180831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T18:51:16.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RBE970",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.13.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE971",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.13.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.15.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE770",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE771",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE772",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE773",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE370",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE371",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE372",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE373",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE374",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe970:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.13.2.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe971:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.13.2.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:cbr750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v4.6.14.8",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:nbr750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v4.6.15.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe770:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe771:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe772:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe773:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr840:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs840:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbre950:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbse950:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbre960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbse960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe370:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe371:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe372:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe373:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe374:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fulaige"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAn authentication bypass vulnerability in NETGEAR Orbi devices allows \nusers connected to the local network to access the router web interface \nas an admin.\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An authentication bypass vulnerability in NETGEAR Orbi devices allows \nusers connected to the local network to access the router web interface \nas an admin."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:21:13.069Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe971"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe970"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/cbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/nbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe770"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe771"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe772"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe773"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr840"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs840"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr850"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs850"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr860"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs860"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbre950"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbse950"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbre960"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbse960"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe370"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe371"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe372"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe373"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe374"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch \napplied. If not, please check the firmware version and update it to the \nlatest.\u003c/p\u003e\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003e\u003cspan\u003eCBR750 f\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/cbr750\"\u003eirmware V4.6.14.8 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eNBR750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/nbr750\"\u003efirmware V4.6.15.14 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE370 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe370\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE371 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe371\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE372 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe372\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE373 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe373\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE374 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe374\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE770 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe770\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE771 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe771\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE772 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe772\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE773 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe773\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE970\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe970\"\u003efirmware v9.13.2.1 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE971 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe971\"\u003efirmware v9.13.2.1 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr750\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR840 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr840\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR850 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr850\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR860 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr860\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs750\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS840 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs840\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS850 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs850\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS860 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs860\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE950 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbre950\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE960 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbre960\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE950 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbse950\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE960 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbse960\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch \napplied. If not, please check the firmware version and update it to the \nlatest.\n\nFixed in:\n\nCBR750 f irmware V4.6.14.8 or later https://www.netgear.com/support/product/cbr750 \nNBR750 firmware V4.6.15.14 or later https://www.netgear.com/support/product/nbr750 \nRBE370 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe370 \nRBE371 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe371 \nRBE372 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe372 \nRBE373 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe373 \nRBE374 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe374 \nRBE770 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe770 \nRBE771 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe771 \nRBE772 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe772 \nRBE773 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe773 \nRBE970\u00a0 firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe970 \nRBE971 firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe971 \nRBR750 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr750 \nRBR840 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr840 \nRBR850 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr850 \nRBR860 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr860 \nRBS750 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs750 \nRBS840 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs840 \nRBS850 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs850 \nRBS860 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs860 \nRBRE950 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre950 \nRBRE960 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre960 \nRBSE950 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse950 \nRBSE960 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse960"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Authentication Bypass in NETGEAR Orbi Devices",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0405",
"datePublished": "2026-01-13T16:00:48.296Z",
"dateReserved": "2025-12-03T04:16:11.511Z",
"dateUpdated": "2026-01-13T18:51:16.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0403 (GCVE-0-2026-0403)
Vulnerability from cvelistv5 – Published: 2026-01-13 16:00 – Updated: 2026-01-13 19:09
VLAI?
Title
Insufficient input validation in NETGEAR Orbi routers
Summary
An insufficient input validation vulnerability in NETGEAR Orbi routers
allows attackers connected to the router's LAN to execute OS command
injections.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| NETGEAR | RBR750 |
Affected:
0 , ≤ 4.6.14.3
(custom)
|
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
fxc233
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0403",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T19:08:14.570926Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T19:09:31.539Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS750",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE971",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.10.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE970",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.10.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.6.14.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.6.14.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbre960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.7.15",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbse960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.7.15",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe971:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.10.0.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe970:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.10.0.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "fxc233"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn insufficient input validation vulnerability in NETGEAR Orbi routers \nallows attackers connected to the router\u0027s LAN\u0026nbsp;to execute OS command \ninjections.\u0026nbsp;\u003c/p\u003e"
}
],
"value": "An insufficient input validation vulnerability in NETGEAR Orbi routers \nallows attackers connected to the router\u0027s LAN\u00a0to execute OS command \ninjections."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 1.1,
"baseSeverity": "LOW",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:20:30.263Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs750"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbre960"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbse960"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr850"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs850"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbe971"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbe970"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr860"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs860"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this\npatch applied. If not, please check the firmware version and update it to the\nlatest.\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003e\u003cspan\u003eRBE971 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe971\"\u003efirmware 9.10.0.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE970 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe970\"\u003efirmware 9.10.0.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR750\u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr750\"\u003e firmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR850 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr850\"\u003efirmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR860 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr860\"\u003efirmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS750\u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs750\"\u003e firmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS850 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs850\"\u003efirmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS860 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs860\"\u003efirmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE960 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbre960\"\u003efirmware 7.2.7.15 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE960 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbse960\"\u003efirmware 7.2.7.15 or later\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this\npatch applied. If not, please check the firmware version and update it to the\nlatest.\n\n\n\nFixed in:\n\nRBE971 firmware 9.10.0.2 or later https://www.netgear.com/support/product/rbe971 \nRBE970 firmware 9.10.0.2 or later https://www.netgear.com/support/product/rbe970 \nRBR750 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbr750 \nRBR850 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbr850 \nRBR860 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbr860 \nRBS750 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbs750 \nRBS850 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbs850 \nRBS860 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbs860 \nRBRE960 firmware 7.2.7.15 or later https://www.netgear.com/support/product/rbre960 \nRBSE960 firmware 7.2.7.15 or later https://www.netgear.com/support/product/rbse960"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient input validation in NETGEAR Orbi routers",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0403",
"datePublished": "2026-01-13T16:00:25.831Z",
"dateReserved": "2025-12-03T04:16:02.333Z",
"dateUpdated": "2026-01-13T19:09:31.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12946 (GCVE-0-2025-12946)
Vulnerability from cvelistv5 – Published: 2025-12-09 17:02 – Updated: 2025-12-10 04:57
VLAI?
Title
Improper input validation in NETGEAR Nighthawk routers
Summary
A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run.
This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46; RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| NETGEAR | RS700 |
Affected:
0 , ≤ 1.0.7.82
(custom)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
molybdenum
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12946",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T04:57:22.798Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Speedtest"
],
"product": "RS700",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.7.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX54Sv2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.2.14.114",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.2.14.114",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.2.14.114",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR90",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.2.46",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX49S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS90",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.2.46",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rs700:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.7.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax54sv2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax41v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.2.14.114",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe500:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.2.14.114",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax41:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax43:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax35v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe450:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.2.14.114",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax43v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax42:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax45:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr90:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.2.46",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax42v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax49s:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms90:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.2.46",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "molybdenum"
}
],
"datePublic": "2025-12-09T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eA vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router\u0027s WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eThis issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46;\u202fRAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36. \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router\u0027s WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. \n\n\n\nThis issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46;\u202fRAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "AUTOMATIC",
"Safety": "NEGLIGIBLE",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/S:N/AU:N/R:A/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T19:35:39.538Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rs700"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax54sv2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/RAX50"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr90"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms90"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax49s"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070416/December-2025-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have\nthis patch applied. If not, please check the firmware version and update it to\nthe latest.\u003cbr\u003e\n\u003cbr\u003e\n\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003eRS700 firmware V1.0.9.6 or later\u003c/p\u003e\u003cp\u003eRAX54Sv2/RAX45v2\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax54sv2\"\u003efirmware\u0026nbsp;V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX41v2\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax41v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX50\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX50\"\u003efirmware V1.2.14.114 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAXE500\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/raxe500\"\u003efirmware V1.2.14.114\u0026nbsp;or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX41 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax41\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX43 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax43\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX35v2 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX35v2\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAXE450 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAXE450\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX43v2 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX43v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX42 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX42\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX45\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX45\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX50v2 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX50v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMR90 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/MR90\"\u003efirmware V1.0.2.46 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS90 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/MS90\"\u003efirmware V1.0.2.46 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX42v2 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX42v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX49S \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX42v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have\nthis patch applied. If not, please check the firmware version and update it to\nthe latest.\n\n\n\n\n\n\n\nFixed in:\n\nRS700 firmware V1.0.9.6 or later\n\nRAX54Sv2/RAX45v2\u00a0 firmware\u00a0V1.1.6.36 or later https://www.netgear.com/support/product/rax54sv2 \n\nRAX41v2\u00a0 firmware V1.1.6.36 or later https://www.netgear.com/support/product/rax41v2 \n\nRAX50\u00a0 firmware V1.2.14.114 or later https://www.netgear.com/support/product/RAX50 \n\nRAXE500\u00a0 firmware V1.2.14.114\u00a0or later https://www.netgear.com/support/product/raxe500 \n\nRAX41 firmware V1.0.17.142 or later https://www.netgear.com/support/product/rax41 \n\nRAX43 firmware V1.0.17.142 or later https://www.netgear.com/support/product/rax43 \n\nRAX35v2 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAX35v2 \n\nRAXE450 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAXE450 \n\nRAX43v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX43v2 \n\nRAX42 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAX42 \n\nRAX45\u00a0 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAX45 \n\nRAX50v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX50v2 \n\nMR90 firmware V1.0.2.46 or later https://www.netgear.com/support/product/MR90 \n\nMS90 firmware V1.0.2.46 or later https://www.netgear.com/support/product/MS90 \n\nRAX42v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX42v2 \n\nRAX49S firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX42v2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2025-12-09T16:00:00.000Z",
"value": "published"
}
],
"title": "Improper input validation in NETGEAR Nighthawk routers",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2025-12946",
"datePublished": "2025-12-09T17:02:20.739Z",
"dateReserved": "2025-11-10T08:26:32.586Z",
"dateUpdated": "2025-12-10T04:57:22.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12945 (GCVE-0-2025-12945)
Vulnerability from cvelistv5 – Published: 2025-12-09 17:01 – Updated: 2025-12-09 20:44 Unsupported When Assigned
VLAI?
Title
Improper input validation in NETGEAR Nighthawk router R7000P
Summary
A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation.
This issue affects R7000P: through 1.3.3.154.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Credits
SmallS
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12945",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T20:22:21.969102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T20:44:03.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "R7000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.3.3.154",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3.3.154",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SmallS"
}
],
"datePublic": "2025-12-09T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eA vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eThis issue affects R7000P: through 1.3.3.154. \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. \n\n\n\nThis issue affects R7000P: through 1.3.3.154."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 1.1,
"baseSeverity": "LOW",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T19:34:36.492Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.netgear.com/support/product/r7000p"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070416/December-2025-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NETGEAR\nR7000P has reached End-of-Support phase, and no security updates are planned.\nNETGEAR strongly recommends that you retire this device and upgrade to a\nnewer NETGEAR device for continued security support.\n\n\n\n\u003cbr\u003e"
}
],
"value": "NETGEAR\nR7000P has reached End-of-Support phase, and no security updates are planned.\nNETGEAR strongly recommends that you retire this device and upgrade to a\nnewer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Improper input validation in NETGEAR Nighthawk router R7000P",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NETGEAR strongly recommends not to allow untrusted users to administer your device and protect it with strong password.\u0026nbsp;"
}
],
"value": "NETGEAR strongly recommends not to allow untrusted users to administer your device and protect it with strong password."
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2025-12945",
"datePublished": "2025-12-09T17:01:38.595Z",
"dateReserved": "2025-11-10T08:26:25.516Z",
"dateUpdated": "2025-12-09T20:44:03.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12941 (GCVE-0-2025-12941)
Vulnerability from cvelistv5 – Published: 2025-12-09 17:01 – Updated: 2025-12-09 20:44 Unsupported When Assigned
VLAI?
Title
Denial of Service Vulnerability in NETGEAR C6220 and C6230
Summary
Denial of Service Vulnerability in NETGEAR C6220 and C6230 (DOCSIS® 3.0 Two-in-one Cable Modem + WiFi Router) allows authenticated local WiFi users reboot the router.
Severity ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
Credits
Quickdraw
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12941",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T20:22:30.920742Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T20:44:09.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "C6220",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C6230",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:c6220:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:c6230:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Quickdraw"
}
],
"datePublic": "2025-12-09T02:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eDenial of Service Vulnerability in NETGEAR\u202fC6220\u202fand\u202fC6230\u202f(DOCSIS\u00ae 3.0 Two-in-one Cable Modem + WiFi Router) allows authenticated local WiFi users reboot the router. \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Denial of Service Vulnerability in NETGEAR\u202fC6220\u202fand\u202fC6230\u202f(DOCSIS\u00ae 3.0 Two-in-one Cable Modem + WiFi Router) allows authenticated local WiFi users reboot the router."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We are not aware of any exploitation.\u0026nbsp;"
}
],
"value": "We are not aware of any exploitation."
}
],
"impacts": [
{
"capecId": "CAPEC-469",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-469 HTTP DoS"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/AU:N/R:A/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T19:33:15.751Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.netgear.com/support/product/c6220/"
},
{
"tags": [
"product"
],
"url": "https://www.netgear.com/support/product/c6230/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070416/December-2025-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eNETGEAR strongly advises against allowing untrusted users or devices on your WiFi network. The NETGEAR C6220 has reached End-of-Support (EOS) and C6230 will reach EOS soon. Due to limited security impact (device reboots only), no fixes are planned.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "NETGEAR strongly advises against allowing untrusted users or devices on your WiFi network. The NETGEAR C6220 has reached End-of-Support (EOS) and C6230 will reach EOS soon. Due to limited security impact (device reboots only), no fixes are planned."
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Denial of Service Vulnerability in NETGEAR C6220 and C6230",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The users are advised to not allow untrusted devices to connect to the Wi-fi Network.\u0026nbsp;"
}
],
"value": "The users are advised to not allow untrusted devices to connect to the Wi-fi Network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2025-12941",
"datePublished": "2025-12-09T17:01:04.702Z",
"dateReserved": "2025-11-10T07:35:22.119Z",
"dateUpdated": "2025-12-09T20:44:09.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12944 (GCVE-0-2025-12944)
Vulnerability from cvelistv5 – Published: 2025-11-11 16:17 – Updated: 2025-11-13 04:55 Unsupported When Assigned
VLAI?
Title
Improper input validation in NETGEAR DGN2200v4
Summary
Improper input validation
in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with
direct network access to the device to potentially execute code on the device.
Please check the firmware version and update to the latest.
Fixed
in:
DGN2200v4
firmware 1.0.0.132 or later
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Credits
crixer
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12944",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T04:55:32.716Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DGN2200v4",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.0.126",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200v4:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.0.126",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "crixer"
}
],
"datePublic": "2025-11-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eImproper input validation\nin NETGEAR \u003cb\u003eDGN2200v4\u003c/b\u003e (N300 Wireless ADSL2+ Modem Router)\u003cb\u003e \u003c/b\u003eallows attackers with\ndirect network access to the device to potentially execute code on the device.\u003c/div\u003e\u003cdiv\u003e\u003cp\u003ePlease check the firmware version and update to the latest.\u003c/p\u003e\n\n\u003cp\u003eFixed\nin:\u003c/p\u003e\n\n\u003cdel\u003e\u0026nbsp;\u003c/del\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/dgn2200v4/#download\"\u003eDGN2200v4\nfirmware 1.0.0.132 or later\u003c/a\u003e\n\n\n\n\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Improper input validation\nin NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with\ndirect network access to the device to potentially execute code on the device.\n\nPlease check the firmware version and update to the latest.\n\n\n\nFixed\nin:\n\n\n\n\u00a0DGN2200v4\nfirmware 1.0.0.132 or later"
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/AU:N/R:A/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T16:17:51.202Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/dgn2200v4"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070355/NETGEAR-Security-Advisories-November-2025"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePlease check the firmware version and update to the latest.\u003c/p\u003e\n\n\u003cp\u003eFixed\nin:\u003c/p\u003e\n\n\u003cdel\u003e\u0026nbsp;\u003c/del\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/dgn2200v4/#download\"\u003eDGN2200v4\nfirmware 1.0.0.132 or later\u003c/a\u003e"
}
],
"value": "Please check the firmware version and update to the latest.\n\n\n\nFixed\nin:\n\n\n\n\u00a0DGN2200v4\nfirmware 1.0.0.132 or later"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Improper input validation in NETGEAR DGN2200v4",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2025-12944",
"datePublished": "2025-11-11T16:17:51.202Z",
"dateReserved": "2025-11-10T07:35:39.322Z",
"dateUpdated": "2025-11-13T04:55:32.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12943 (GCVE-0-2025-12943)
Vulnerability from cvelistv5 – Published: 2025-11-11 16:17 – Updated: 2026-01-07 17:09
VLAI?
Title
Improper certificate validation in firmware update logic in NETGEAR RAX30 and RAXE300
Summary
Improper certificate
validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream
AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band
WiFi 6E Router) allows attackers with the ability to intercept and
tamper traffic destined to the device to execute arbitrary commands on the
device.
Devices
with automatic updates enabled may already have this patch applied. If not,
please check the firmware version and update to the
latest.
Fixed in:
RAX30 firmware
1.0.14.108 or later.
RAXE300 firmware
1.0.9.82 or later
Severity ?
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
Credits
rqu4
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12943",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T04:55:33.797632Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T17:09:48.872Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RAX30",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "1.0.10.95",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE300",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "1.0.9.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax30:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.10.95",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe300:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.9.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "rqu4"
}
],
"datePublic": "2025-11-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eImproper certificate\nvalidation in firmware update logic in NETGEAR \u003cb\u003eRAX30 \u003c/b\u003e(Nighthawk AX5 5-Stream\nAX2400 WiFi 6 Router)\u003cb\u003e \u003c/b\u003eand\u003cb\u003e \u003c/b\u003e\u003cb\u003eRAXE300\u003c/b\u003e (Nighthawk AXE7800 Tri-Band\nWiFi 6E Router) allows attackers with the ability to intercept and\ntamper traffic destined to the device to execute arbitrary commands on the\ndevice.\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eDevices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\n\n\u003cp\u003eRAX30 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax30/#download\"\u003efirmware\n1.0.14.108 or later\u003c/a\u003e.\u003c/p\u003e\n\nRAXE300 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/raxe300/#download\"\u003efirmware\n1.0.9.82 or later\u003c/a\u003e\n\n\n\n\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Improper certificate\nvalidation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream\nAX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band\nWiFi 6E Router) allows attackers with the ability to intercept and\ntamper traffic destined to the device to execute arbitrary commands on the\ndevice.\n\nDevices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\n\n\n\nFixed in:\n\n\n\nRAX30 firmware\n1.0.14.108 or later.\n\n\n\nRAXE300 firmware\n1.0.9.82 or later"
}
],
"impacts": [
{
"capecId": "CAPEC-94",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-94 Adversary in the Middle (AiTM)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T16:17:44.766Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax30"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe300"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070355/NETGEAR-Security-Advisories-November-2025"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\n\n\u003cp\u003eRAX30 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax30/#download\"\u003efirmware\n1.0.14.108 or later\u003c/a\u003e.\u003c/p\u003e\n\nRAXE300 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/raxe300/#download\"\u003efirmware\n1.0.9.82 or later\u003c/a\u003e"
}
],
"value": "Devices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\n\n\n\nFixed in:\n\n\n\nRAX30 firmware\n1.0.14.108 or later.\n\n\n\nRAXE300 firmware\n1.0.9.82 or later"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper certificate validation in firmware update logic in NETGEAR RAX30 and RAXE300",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2025-12943",
"datePublished": "2025-11-11T16:17:44.766Z",
"dateReserved": "2025-11-10T07:35:29.116Z",
"dateUpdated": "2026-01-07T17:09:48.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12942 (GCVE-0-2025-12942)
Vulnerability from cvelistv5 – Published: 2025-11-11 16:17 – Updated: 2026-01-07 17:09
VLAI?
Title
Improper input validation in NETGEAR R6260 and R6850
Summary
Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
Credits
dcmtruman
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12942",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T04:55:35.996372Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T17:09:49.019Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "R6260",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.1.0.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6850",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.1.0.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6260:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.1.0.86",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6850:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.1.0.86",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "dcmtruman"
}
],
"datePublic": "2025-11-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.\u003cp\u003eThis issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86.\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T17:12:06.072Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6850"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/r6260"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070355/NETGEAR-Security-Advisories-November-2025"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have\nthis patch applied. If not, please check the firmware version and update to the\nlatest.\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\n\n\u003cp\u003eR6260 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.downloads.netgear.com/files/GDC/R6260/R6260-V1.1.1.88.zip\"\u003eFirmware\nVersion 1.1.0.88 or later\u003c/a\u003e\u003c/p\u003e\n\n\u003cp\u003eR6850 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.downloads.netgear.com/files/GDC/R6850/R6850_V1.1.0.88.zip\"\u003eFirmware\nVersion 1.1.0.88 or later\u003c/a\u003e\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "Devices with automatic updates enabled may already have\nthis patch applied. If not, please check the firmware version and update to the\nlatest.\n\n\n\nFixed in:\n\n\n\nR6260 Firmware\nVersion 1.1.0.88 or later\n\n\n\nR6850 Firmware\nVersion 1.1.0.88 or later"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper input validation in NETGEAR R6260 and R6850",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2025-12942",
"datePublished": "2025-11-11T16:17:37.212Z",
"dateReserved": "2025-11-10T07:35:26.124Z",
"dateUpdated": "2026-01-07T17:09:49.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12940 (GCVE-0-2025-12940)
Vulnerability from cvelistv5 – Published: 2025-11-11 16:17 – Updated: 2025-11-14 17:41
VLAI?
Title
Credentials recorded in logs in NETGEAR WAX610 and WAX610Y
Summary
Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR WAX610
and WAX610Y (AX1800 Dual Band PoE Multi-Gig Insight Managed WiFi 6
Access Points). An user having access to the syslog server can read the logs containing these credentials.
This issue affects WAX610: before 10.8.11.4; WAX610Y: before 10.8.11.4.
Devices
managed with Insight get automatic updates. If not, please check the firmware version
and update to the latest.
Fixed in:
WAX610 firmware
11.8.0.10 or later.
WAX610Y firmware
11.8.0.10 or later.
Severity ?
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
Credits
filiperfonseca
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12940",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-14T17:41:09.064598Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T17:41:18.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WAX610",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "10.8.11.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WAX610Y",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "10.8.11.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wax610:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.8.11.4",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wax610y:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.8.11.4",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "filiperfonseca"
}
],
"datePublic": "2025-11-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eLogin credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR \u003cb\u003eWAX610\u003c/b\u003e\nand \u003cb\u003eWAX610Y\u003c/b\u003e (AX1800 Dual Band PoE Multi-Gig Insight Managed WiFi 6\nAccess Points). An user having access to the syslog server can read the logs containing these credentials.\u0026nbsp;\u003c/p\u003e\u003cp\u003eThis issue affects WAX610: before 10.8.11.4; WAX610Y: before 10.8.11.4.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eDevices\nmanaged with Insight get automatic updates. If not, please check the firmware version\nand update to the latest. \u003c/p\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003eFixed in:\u003c/p\u003e\n\n\u003cp\u003eWAX610 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/wax610/#download\"\u003efirmware\n11.8.0.10 or later\u003c/a\u003e.\u003c/p\u003e\n\nWAX610Y \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/wax610y/#download\"\u003efirmware\n11.8.0.10 or later\u003c/a\u003e.\n\n\n\n\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\n\n\n\n\n\n\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR WAX610\nand WAX610Y (AX1800 Dual Band PoE Multi-Gig Insight Managed WiFi 6\nAccess Points). An user having access to the syslog server can read the logs containing these credentials.\u00a0\n\nThis issue affects WAX610: before 10.8.11.4; WAX610Y: before 10.8.11.4.\n\n\nDevices\nmanaged with Insight get automatic updates. If not, please check the firmware version\nand update to the latest. \n\n\n\n\n\nFixed in:\n\n\n\nWAX610 firmware\n11.8.0.10 or later.\n\n\n\nWAX610Y firmware\n11.8.0.10 or later."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 0.5,
"baseSeverity": "LOW",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T16:17:25.837Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/wax610"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/wax610y"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070355/NETGEAR-Security-Advisories-November-2025"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices\nmanaged with Insight get automatic updates. If not, please check the firmware version\nand update to the latest. \u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\n\n\u003cp\u003eWAX610 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/wax610/#download\"\u003efirmware\n11.8.0.10 or later\u003c/a\u003e.\u003c/p\u003e\n\nWAX610Y \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/wax610y/#download\"\u003efirmware\n11.8.0.10 or later\u003c/a\u003e."
}
],
"value": "Devices\nmanaged with Insight get automatic updates. If not, please check the firmware version\nand update to the latest. \n\n\n\nFixed in:\n\n\n\nWAX610 firmware\n11.8.0.10 or later.\n\n\n\nWAX610Y firmware\n11.8.0.10 or later."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Credentials recorded in logs in NETGEAR WAX610 and WAX610Y",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2025-12940",
"datePublished": "2025-11-11T16:17:25.837Z",
"dateReserved": "2025-11-10T07:33:11.224Z",
"dateUpdated": "2025-11-14T17:41:18.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-11106 (GCVE-0-2018-11106)
Vulnerability from cvelistv5 – Published: 2020-04-01 16:31 – Updated: 2024-08-05 07:54
VLAI?
Summary
NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5.
Severity ?
No CVSS data available.
CWE
- Other
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:54:36.460Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000058243/Security-Advisory-for-Pre-Authentication-Command-Injection-in-request-handler-php-on-Some-Wireless-Controllers-PSV-2018-0051"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WC7500",
"vendor": "NETGEAR",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to 6.5.3.5"
}
]
},
{
"product": "WC7520",
"vendor": "NETGEAR",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to 2.5.0.46"
}
]
},
{
"product": "WC7600v1",
"vendor": "NETGEAR",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to 6.5.3.5"
}
]
},
{
"product": "WC7600v2",
"vendor": "NETGEAR",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to 6.5.3.5"
}
]
},
{
"product": "WC9500",
"vendor": "NETGEAR",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to 6.5.3.5"
}
]
}
],
"datePublic": "2018-05-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-01T16:31:45",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "netgear"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000058243/Security-Advisory-for-Pre-Authentication-Command-Injection-in-request-handler-php-on-Some-Wireless-Controllers-PSV-2018-0051"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@netgear.com",
"ID": "CVE-2018-11106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WC7500",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to 6.5.3.5"
}
]
}
},
{
"product_name": "WC7520",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to 2.5.0.46"
}
]
}
},
{
"product_name": "WC7600v1",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to 6.5.3.5"
}
]
}
},
{
"product_name": "WC7600v2",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to 6.5.3.5"
}
]
}
},
{
"product_name": "WC9500",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to 6.5.3.5"
}
]
}
}
]
},
"vendor_name": "NETGEAR"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000058243/Security-Advisory-for-Pre-Authentication-Command-Injection-in-request-handler-php-on-Some-Wireless-Controllers-PSV-2018-0051",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000058243/Security-Advisory-for-Pre-Authentication-Command-Injection-in-request-handler-php-on-Some-Wireless-Controllers-PSV-2018-0051"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "netgear",
"cveId": "CVE-2018-11106",
"datePublished": "2020-04-01T16:31:45",
"dateReserved": "2018-05-15T00:00:00",
"dateUpdated": "2024-08-05T07:54:36.460Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6862 (GCVE-0-2017-6862)
Vulnerability from cvelistv5 – Published: 2017-05-26 20:00 – Updated: 2025-10-21 23:55
VLAI?
Summary
NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.
Severity ?
9.8 (Critical)
CWE
- Unauthenticated Remote Code Execution
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42 |
Affected:
NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.673Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261"
},
{
"name": "98740",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98740"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2017-6862",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T13:42:36.789125Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-06-08",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6862"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:55:40.404Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6862"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-06-08T00:00:00+00:00",
"value": "CVE-2017-6862 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42"
}
]
}
],
"datePublic": "2017-05-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthenticated Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-17T20:57:01.000Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "netgear"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261"
},
{
"name": "98740",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98740"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@netgear.com",
"ID": "CVE-2017-6862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42",
"version": {
"version_data": [
{
"version_value": "NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthenticated Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261"
},
{
"name": "98740",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98740"
},
{
"name": "https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf",
"refsource": "MISC",
"url": "https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "netgear",
"cveId": "CVE-2017-6862",
"datePublished": "2017-05-26T20:00:00.000Z",
"dateReserved": "2017-03-13T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:55:40.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}