Insufficient input validation in certain NETGEAR routers_CVE-2026-0410

1.9 / 10

LOW

CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber

Description

Authenticated administrators connected to the local network can gain
elevated access to the router and make unauthorized changes to router
software and functionality.

Basic Information

ID CVE-2026-0410

Source NETGEAR

Published Jun 9, 2026 at 15:41

Affected Product

Vendor NETGEAR

Product R7000

Affected Versions NETGEAR R7000 0
NETGEAR RAX20 0
NETGEAR RAX35v2 0
NETGEAR RAX41 0
NETGEAR RAX41v2 0
NETGEAR RAX42 0
NETGEAR RAX42v2 0
NETGEAR RAX43 0
NETGEAR RAX43v2 0
NETGEAR RAX45 0
NETGEAR RAX49S 0
NETGEAR RAX50 0
NETGEAR RAX50S 0
NETGEAR RAX50v2 0
NETGEAR RAX54Sv2 0
NETGEAR RAX54v2 0
NETGEAR RAXE450 0
NETGEAR RAXE500 0
NETGEAR XR1000 0
NETGEAR XR1000v2 0

CWE Classification

CWE-20

References

{
    "lastseen": "",
    "description": "Authenticated administrators connected to the local network can gain \nelevated access to the router and make unauthorized changes to router \nsoftware and functionality.",
    "published": "2026-06-09T15:41:47.808Z",
    "modified": "2026-06-09T15:41:47.808Z",
    "type": "cve",
    "title": "Insufficient input validation in certain NETGEAR routers",
    "source": "NETGEAR",
    "references": "https://www.netgear.com/support/product/rax20/\nhttps://www.netgear.com/support/product/r7000/\nhttps://www.netgear.com/support/product/rax35v2/\nhttps://www.netgear.com/support/product/rax41/\nhttps://www.netgear.com/support/product/rax41v2/\nhttps://www.netgear.com/support/product/rax42v2/\nhttps://www.netgear.com/support/product/rax42/\nhttps://www.netgear.com/support/product/rax43/\nhttps://www.netgear.com/support/product/rax43v2/\nhttps://www.netgear.com/support/product/rax45/\nhttps://www.netgear.com/support/product/raxe450/\nhttps://www.netgear.com/support/product/rax50s/\nhttps://www.netgear.com/support/product/rax50/\nhttps://www.netgear.com/support/product/rax54sv2/\nhttps://www.netgear.com/support/product/xr1000/\nhttps://www.netgear.com/support/product/xr1000v2/\nhttps://www.netgear.com/support/product/rax50v2/\nhttps://www.netgear.com/support/product/rax49s/\nhttps://www.netgear.com/support/product/raxe500/",
    "id": "CVE-2026-0410",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "NETGEAR R7000 0\nNETGEAR RAX20 0\nNETGEAR RAX35v2 0\nNETGEAR RAX41 0\nNETGEAR RAX41v2 0\nNETGEAR RAX42 0\nNETGEAR RAX42v2 0\nNETGEAR RAX43 0\nNETGEAR RAX43v2 0\nNETGEAR RAX45 0\nNETGEAR RAX49S 0\nNETGEAR RAX50 0\nNETGEAR RAX50S 0\nNETGEAR RAX50v2 0\nNETGEAR RAX54Sv2 0\nNETGEAR RAX54v2 0\nNETGEAR RAXE450 0\nNETGEAR RAXE500 0\nNETGEAR XR1000 0\nNETGEAR XR1000v2 0",
    "sourceHref": "",
    "cvss": {
        "score": 1.9,
        "severity": "LOW",
        "vector": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "R7000",
    "version": "0",
    "vendor": "NETGEAR",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}