Insufficient input validation vulnerability in certain Orbi routers_CVE-2026-0415

4.3 / 10

MEDIUM

CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U

Description

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

Basic Information

ID CVE-2026-0415

Source NETGEAR

Published Jun 9, 2026 at 15:50

Affected Product

Vendor NETGEAR

Product RBE97x

Affected Versions NETGEAR RBE97x 0
NETGEAR RBR750 0
NETGEAR RBR840 0
NETGEAR RBR850 0
NETGEAR RBR860 0
NETGEAR RBRE950 0
NETGEAR RBRE960 0
NETGEAR RBS750 0
NETGEAR RBS840 0
NETGEAR RBS850 0
NETGEAR RBS860 0
NETGEAR RBSE950 0
NETGEAR RBSE960 0

CWE Classification

CWE-20

References

{
    "lastseen": "",
    "description": "Insufficient input validation vulnerability in the\u00a0listed NETGEAR models allows\u00a0authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.",
    "published": "2026-06-09T15:50:51.816Z",
    "modified": "2026-06-09T15:50:51.816Z",
    "type": "cve",
    "title": "Insufficient input validation vulnerability in certain Orbi routers",
    "source": "NETGEAR",
    "references": "https://www.netgear.com/support/product/rbe970/\nhttps://www.netgear.com/support/product/rbre950/\nhttps://www.netgear.com/support/product/rbr850/\nhttps://www.netgear.com/support/product/rbs840/\nhttps://www.netgear.com/support/product/rbr750/\nhttps://www.netgear.com/support/product/rbs750/\nhttps://www.netgear.com/support/product/rbr840/\nhttps://www.netgear.com/support/product/rbr860/\nhttps://www.netgear.com/support/product/rbre960/\nhttps://www.netgear.com/support/product/rbs850/\nhttps://www.netgear.com/support/product/rbs860/\nhttps://www.netgear.com/support/product/rbse950/\nhttps://www.netgear.com/support/product/rbse960/",
    "id": "CVE-2026-0415",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "NETGEAR RBE97x 0\nNETGEAR RBR750 0\nNETGEAR RBR840 0\nNETGEAR RBR850 0\nNETGEAR RBR860 0\nNETGEAR RBRE950 0\nNETGEAR RBRE960 0\nNETGEAR RBS750 0\nNETGEAR RBS840 0\nNETGEAR RBS850 0\nNETGEAR RBS860 0\nNETGEAR RBSE950 0\nNETGEAR RBSE960 0",
    "sourceHref": "",
    "cvss": {
        "score": 4.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "RBE97x",
    "version": "0",
    "vendor": "NETGEAR",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}