Insufficient input validation in NETGEAR Orbi routers_CVE-2026-0404

4.8 / 10

MEDIUM

CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber

Description

An insufficient input validation vulnerability in NETGEAR Orbi devices'
DHCPv6 functionality allows network adjacent attackers authenticated
over WiFi or on LAN to execute OS command injections on the router.
DHCPv6 is not enabled by default.

Basic Information

ID CVE-2026-0404

Source NETGEAR

Published Jan 13, 2026 at 16:01

Modified Jan 13, 2026 at 16:25

Affected Product

Vendor NETGEAR

Product RBRE960

Affected Versions NETGEAR RBRE960 0
NETGEAR RBSE960 0
NETGEAR RBR850 0
NETGEAR RBS850 0
NETGEAR RBR860 0
NETGEAR RBS860 0
NETGEAR RBRE950 0
NETGEAR RBSE950 0
NETGEAR RBR750 0
NETGEAR RBS750 0
NETGEAR RBR840 0
NETGEAR RBS840 0

CWE Classification

CWE-20

References

{
    "lastseen": "",
    "description": "An insufficient input validation vulnerability in NETGEAR Orbi devices' \nDHCPv6 functionality\u00a0allows network adjacent attackers authenticated \nover\u00a0WiFi or on LAN\u00a0to execute OS command injections on the router. \nDHCPv6 is not enabled by default.",
    "published": "2026-01-13T16:01:14.944Z",
    "modified": "2026-01-13T16:25:13.184Z",
    "type": "cve",
    "title": "Insufficient input validation in NETGEAR Orbi routers",
    "source": "NETGEAR",
    "references": "https://www.netgear.com/support/product/rbre960\nhttps://www.netgear.com/support/product/rbse960\nhttps://www.netgear.com/support/product/rbr850\nhttps://www.netgear.com/support/product/rbs850\nhttps://www.netgear.com/support/product/rbr860\nhttps://www.netgear.com/support/product/rbs860\nhttps://www.netgear.com/support/product/rbre950\nhttps://www.netgear.com/support/product/rbse950\nhttps://www.netgear.com/support/product/rbr750\nhttps://www.netgear.com/support/product/rbs750\nhttps://www.netgear.com/support/product/rbr840\nhttps://www.netgear.com/support/product/rbs840\nhttps://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory",
    "id": "CVE-2026-0404",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "NETGEAR RBRE960 0\nNETGEAR RBSE960 0\nNETGEAR RBR850 0\nNETGEAR RBS850 0\nNETGEAR RBR860 0\nNETGEAR RBS860 0\nNETGEAR RBRE950 0\nNETGEAR RBSE950 0\nNETGEAR RBR750 0\nNETGEAR RBS750 0\nNETGEAR RBR840 0\nNETGEAR RBS840 0",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "RBRE960",
    "version": "0",
    "vendor": "NETGEAR",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}