CVE-2026-0415

Summary

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

Affected Software

VendorProductVersion RangeStatus
NETGEARRBE9700 < V9.12.4.9affected
NETGEARRBR7500 < V7.2.8.5affected
NETGEARRBR8400 < V7.2.8.5affected
NETGEARRBR8500 < V7.2.8.5affected
NETGEARRBR8600 < V7.2.8.5affected
NETGEARRBRE9500 < V7.2.8.5affected
NETGEARRBRE9600 < V7.2.8.5affected
NETGEARRBS7500 < V7.2.8.5affected
NETGEARRBS8400 < V7.2.8.5affected
NETGEARRBS8500 < V7.2.8.5affected
NETGEARRBS8600 < V7.2.8.5affected
NETGEARRBSE9500 < V7.2.8.5affected
NETGEARRBSE9600 < V7.2.8.5affected

Weaknesses

  • CWE-20: CWE-20 Insufficient input validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References