CVE-2026-0418

Summary

Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network to tamper with the system.

Affected Software

VendorProductVersion RangeStatus
NETGEARCBR7500 < v4.6.14.4affected
NETGEAREX61200 <= 1.0.0.72affected
NETGEAREX61300 <= 1.0.0.54affected
NETGEARMR600 < V1.1.7.128affected
NETGEARMR700 < V1.0.3.28affected
NETGEARMR800 < V1.1.7.6affected
NETGEARMS600 < V1.1.7.128affected
NETGEARMS700 < V1.0.3.28affected
NETGEARMS800 < V1.1.7.6affected
NETGEARRAX150 <= 1.0.18.144affected
NETGEARRAX200 <= 1.0.18.144affected
NETGEARRAX2000 <= 1.0.11.148affected
NETGEARRAX35v20 < V1.0.11.112affected
NETGEARRAX38v20 < V1.0.11.112affected
NETGEARRAX40v20 < V1.0.11.112affected
NETGEARRAX420 < V1.0.11.112affected
NETGEARRAX430 < V1.0.11.112affected
NETGEARRAX450 < V1.0.11.112affected
NETGEARRAX480 < V1.0.11.112affected
NETGEARRAX500 < V1.0.11.112affected
NETGEARRAX50S0 < V1.0.11.112affected
NETGEARRAX750 <= 1.0.11.148affected
NETGEARRAX800 <= 1.0.11.148affected
NETGEARRAXE4500 < V1.0.10.86affected
NETGEARRAXE5000 < V1.0.10.86affected
NETGEARRBR7500 < V4.6.14.3affected
NETGEARRBR8400 < V4.6.14.3affected
NETGEARRBR8500 < V4.6.14.3affected
NETGEARRBRE9600 < V6.3.7.5affected
NETGEARRBS7500 < V4.6.14.3affected
NETGEARRBS8400 < V4.6.14.3affected
NETGEARRBS8500 < V4.6.14.3affected
NETGEARRBSE9600 < V6.3.7.5affected
NETGEARRS7000 < V1.0.7.66affected
NETGEARXR10000 < v1.0.0.68affected

Weaknesses

  • CWE-15: CWE-15 External control of system or configuration setting

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References