CVE-2026-9210
4.9
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber
Summary
Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NETGEAR | EX3700 | 0 < V1.0.0.100 | affected |
| NETGEAR | EX3800 | 0 < V1.0.0.100 | affected |
| NETGEAR | EX6120 | 0 < V1.0.0.72 | affected |
| NETGEAR | EX6130 | 0 < V1.0.0.54 | affected |
| NETGEAR | MR60 | 0 < V1.1.7.132 | affected |
| NETGEAR | MR70 | 0 < V1.0.3.28 | affected |
| NETGEAR | MR80 | 0 < V1.1.7.14 | affected |
| NETGEAR | MS60 | 0 < V1.1.7.132 | affected |
| NETGEAR | MS70 | 0 < V1.0.3.28 | affected |
| NETGEAR | MS80 | 0 < V1.1.7.14 | affected |
| NETGEAR | R6400v2 | 0 < V1.0.4.128 | affected |
| NETGEAR | R6700v3 | 0 < V1.0.4.128 | affected |
| NETGEAR | R6900P | 0 < V1.3.3.152 | affected |
| NETGEAR | R7000 | 0 < V1.0.11.216 | affected |
| NETGEAR | R7000P | 0 < V1.3.3.152 | affected |
| NETGEAR | R7960P | 0 < V1.4.4.92 | affected |
| NETGEAR | R8000P | 0 < V1.4.4.92 | affected |
| NETGEAR | R8500 | 0 <= 1.0.2.160 | affected |
| NETGEAR | RAX20 | 0 < V1.0.18.144 | affected |
| NETGEAR | RAX35v2 | 0 < V1.0.12.118 | affected |
| NETGEAR | RAX40v2 | 0 < V1.0.12.118 | affected |
| NETGEAR | RAX41 | 0 < V1.0.12.118 | affected |
| NETGEAR | RAX42 | 0 < V1.0.12.118 | affected |
| NETGEAR | RAX43 | 0 < V1.0.12.120 | affected |
| NETGEAR | RAX45 | 0 < V1.0.12.118 | affected |
| NETGEAR | RAX48 | 0 < V1.0.12.118 | affected |
| NETGEAR | RAX50 | 0 < V1.0.12.120 | affected |
| NETGEAR | RAX50S | 0 < V1.0.12.120 | affected |
| NETGEAR | RAXE450 | 0 < V1.0.10.86 | affected |
| NETGEAR | RAXE500 | 0 < V1.0.10.86 | affected |
| NETGEAR | XR1000 | 0 < V1.0.0.68 | affected |
Weaknesses
- CWE-20: CWE-20 Improper input validation
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.netgear.com/support/product/ex3700/
- https://www.netgear.com/support/product/ex3800/
- https://www.netgear.com/support/product/ex6120/
- https://www.netgear.com/support/product/mr60/
- https://www.netgear.com/support/product/ex6130/
- https://www.netgear.com/support/product/ms70/
- https://www.netgear.com/support/product/ms60/
- https://www.netgear.com/support/product/mr80/
- https://www.netgear.com/support/product/ms80/
- https://www.netgear.com/support/product/mr70/
- https://www.netgear.com/support/product/r6400v2/
- https://www.netgear.com/support/product/r6700v3/
- https://www.netgear.com/support/product/r6900p/
- https://www.netgear.com/support/product/r7960p/
- https://www.netgear.com/support/product/r7000p/
- https://www.netgear.com/support/product/r8000p/
- https://www.netgear.com/support/product/r8500/
- https://www.netgear.com/support/product/rax48/
- https://www.netgear.com/support/product/r7000/
- https://www.netgear.com/support/product/rax40v2/
- https://www.netgear.com/support/product/rax20/
- https://www.netgear.com/support/product/rax35v2/
- https://www.netgear.com/support/product/rax41/
- https://www.netgear.com/support/product/rax42/
- https://www.netgear.com/support/product/rax45/
- https://www.netgear.com/support/product/rax50/
- https://www.netgear.com/support/product/rax43/
- https://www.netgear.com/support/product/rax50s/
- https://www.netgear.com/support/product/raxe450/
- https://www.netgear.com/support/product/raxe500/
- https://www.netgear.com/support/product/xr1000/
- https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.