CVE-2026-0417

Summary

Insufficient input validation vulnerability in the listed NETGEAR devices allows authenticated administrators connected to the local network to tamper with the router's integrity.

Affected Software

VendorProductVersion RangeStatus
NETGEARMR600 < V1.1.7.132affected
NETGEARMR700 < V1.0.3.28affected
NETGEARMR800 < V1.1.7.14affected
NETGEARMS600 < V1.1.7.132affected
NETGEARMS700 < V1.0.3.28affected
NETGEARMS800 < V1.1.7.14affected
NETGEARR6400v20 < V1.0.4.128affected
NETGEARR6700v30 < V1.0.4.128affected
NETGEARR6900P0 < V1.3.3.152affected
NETGEARR70000 < V1.0.11.216affected
NETGEARR7000P0 < V1.3.3.152affected
NETGEARR7960P0 < V1.4.4.92affected
NETGEARR8000P0 < V1.4.4.92affected
NETGEARR85000 <= 1.0.2.160affected
NETGEARRAX200 < V1.0.18.144affected
NETGEARRAX35v20 < V1.0.16.132affected
NETGEARRAX40v20 < V1.0.12.118affected
NETGEARRAX410 < V1.0.12.118affected
NETGEARRAX420 < V1.0.12.118affected
NETGEARRAX430 < V1.0.12.120affected
NETGEARRAX450 < V1.0.12.118affected
NETGEARRAX480 < V1.0.12.118affected
NETGEARRAX500 < V1.0.12.120affected
NETGEARRAX50S0 < V1.0.12.120affected
NETGEARRAXE4500 < V1.0.10.86affected
NETGEARRAXE5000 < V1.0.10.86affected
NETGEARXR10000 < V1.0.0.68affected

Weaknesses

  • CWE-20: CWE-20 Improper input validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References