CVE-2026-9212
5.6
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/E:U
Summary
Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting the product's confidentiality or change certain configurations.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NETGEAR | LBR1020 | 0 < V2.6.4.60 | affected |
| NETGEAR | LBR20 | 0 < V2.7.6.8 | affected |
| NETGEAR | R6700AX | 0 <= * | affected |
| NETGEAR | R7800 | 0 < V1.0.4.96 | affected |
| NETGEAR | R9000 | 0 < V1.0.6.46 | affected |
| NETGEAR | RAX10 | 0 < V1.0.5.50 | affected |
| NETGEAR | RAX10v2 | 0 < V1.0.5.50 | affected |
| NETGEAR | RAX120 | 0 < V1.2.10.56 | affected |
| NETGEAR | RAX120v1 | 0 < V1.2.10.56 | affected |
| NETGEAR | RAX120v2 | 0 < V1.2.10.56 | affected |
| NETGEAR | RAX36S | 0 < V1.0.5.50 | affected |
| NETGEAR | RAX70 | 0 < V1.0.19.172 | affected |
| NETGEAR | RAX78 | 0 < V1.0.19.172 | affected |
| NETGEAR | RBR10 | 0 <= 2.7.6.6 | affected |
| NETGEAR | RBR20 | 0 <= 2.7.6.6 | affected |
| NETGEAR | RBR350 | 0 < V4.4.2.1 | affected |
| NETGEAR | RBR40 | 0 <= 2.7.6.6 | affected |
| NETGEAR | RBR50 | 0 <= 2.7.6.6 | affected |
| NETGEAR | RBS10 | 0 <= 2.7.6.6 | affected |
| NETGEAR | RBS20 | 0 <= 2.7.6.6 | affected |
| NETGEAR | RBS350 | 0 < V4.4.2.1 | affected |
| NETGEAR | RBS40 | 0 <= 2.7.6.6 | affected |
| NETGEAR | RBS50 | 0 <= 2.7.6.6 | affected |
| NETGEAR | XR450 | 0 < V2.3.3.136 | affected |
| NETGEAR | XR500 | 0 < v2.3.3.136 | affected |
Weaknesses
- CWE-306: CWE-306 Missing authentication for critical function
- CWE-20: CWE-20 Improper input validation
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://www.netgear.com/support/product/lbr20/
- https://www.netgear.com/support/product/lbr1020/
- https://www.netgear.com/support/product/r6700ax/
- https://www.netgear.com/support/product/r9000/
- https://www.netgear.com/support/product/r7800/
- https://www.netgear.com/support/product/rax10/
- https://www.netgear.com/support/product/rax120/
- https://www.netgear.com/support/product/rax78/
- https://www.netgear.com/support/product/rax120v2/
- https://www.netgear.com/support/product/rax70/
- https://www.netgear.com/support/product/rbr10/
- https://www.netgear.com/support/product/rbr350/
- https://www.netgear.com/support/product/rbr40/
- https://www.netgear.com/support/product/rbr50/
- https://www.netgear.com/support/product/rbs10/
- https://www.netgear.com/support/product/rbs20/
- https://www.netgear.com/support/product/rax36s/
- https://www.netgear.com/support/product/rbr20/
- https://www.netgear.com/support/product/rbs50/
- https://www.netgear.com/support/product/rbs350/
- https://www.netgear.com/support/product/xr500/
- https://www.netgear.com/support/product/rbs40/
- https://www.netgear.com/support/product/xr450/
- https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.