Search
Find a vulnerability
Search criteria
53 vulnerabilities found for RAX50 by NETGEAR
CVE-2026-9210 (GCVE-0-2026-9210)
Vulnerability from nvd – Published: 2026-06-09 15:50 – Updated: 2026-06-11 05:38
VLAI
Title
Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router
Summary
Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper input validation
Assigner
References
32 references
Impacted products
31 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | EX3700 |
Affected:
0 , < V1.0.0.100
(custom)
|
|
| NETGEAR | EX3800 |
Affected:
0 , < V1.0.0.100
(custom)
|
|
| NETGEAR | EX6120 |
Affected:
0 , < V1.0.0.72
(custom)
|
|
| NETGEAR | EX6130 |
Affected:
0 , < V1.0.0.54
(custom)
|
|
| NETGEAR | MR60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MR70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MR80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | MS60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MS70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MS80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | R6400v2 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6700v3 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6900P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7000 |
Affected:
0 , < V1.0.11.216
(custom)
|
|
| NETGEAR | R7000P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7960P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8000P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8500 |
Affected:
0 , ≤ 1.0.2.160
(custom)
|
|
| NETGEAR | RAX20 |
Affected:
0 , < V1.0.18.144
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX40v2 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX41 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX48 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX50S |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | XR1000 |
Affected:
0 , < V1.0.0.68
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9210",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T18:03:30.063423Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T18:39:39.151Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EX3700",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.100",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX3800",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.100",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6120",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.72",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6130",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.54",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6400v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6700v3",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6900P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7960P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8500",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.2.160",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX20",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX40v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX48",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.100",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.100",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.72",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.54",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr60:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.132",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr70:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.3.28",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr80:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms60:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.132",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms70:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.3.28",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms80:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.4.128",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700v3:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.4.128",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.3.3.152",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.11.216",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.3.3.152",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7960p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.4.4.92",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.4.4.92",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax20:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.18.144",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax35v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax40v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax41:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax42:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax43:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.120",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax45:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax48:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.120",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50s:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.120",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe450:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.10.86",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe500:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.10.86",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xr1000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.68",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "pjqwudi"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eInsufficient input validation vulnerability in the\u0026nbsp;listed NETGEAR models allows\u0026nbsp;authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.\u003c/p\u003e\u003c/div\u003e"
}
],
"value": "Insufficient input validation vulnerability in the\u00a0listed NETGEAR models allows\u00a0authenticated administrators connected to the local network to make unauthorized modification of router software and functionality."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T05:38:03.646Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3700/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3800/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6120/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6130/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6400v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6700v3/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6900p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7960p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r8000p/"
},
{
"tags": [
"product"
],
"url": "https://www.netgear.com/support/product/r8500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax48/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax40v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax20/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX3700\u003c/b\u003e AC750 WiFi Range Extender Essentials Edition\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex3700/\"\u003eV1.0.0.100\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX3800 (EoS)\u003c/b\u003e AC750 WiFi Range Extender Essentials Edition\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex3800/\"\u003eV1.0.0.100\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX6120\u003c/b\u003e AC1200 Dual Band WiFi Range Extender\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex6120/\"\u003eV1.0.0.72\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX6130\u003c/b\u003e AC1200 WiFi Range Extender\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex6130/\"\u003eV1.0.0.54\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR60\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR70\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS60\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS70\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6400v2 (EoS)\u003c/b\u003e AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6400v2/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6700v3 (EoS)\u003c/b\u003e Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6700v3/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6900P (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6900p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000 (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000/\"\u003eV1.0.11.216\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000P (EoS)\u003c/b\u003e Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7960P (EoS)\u003c/b\u003e Nighthawk X6S AC3600 Tri-Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7960p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8000P (EoS)\u003c/b\u003e Nighthawk X6S AC4000 Tri Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r8000p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8500 (EoS)\u003c/b\u003e Nighthawk X8 AC5300 Smart WiFi Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX20 (EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax20/\"\u003eV1.0.18.144\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX35v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax35v2/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX40v2\u003c/b\u003e Nighthawk AX4 4-Stream WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax40v2/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX41 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX3600 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax41/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX45 (EoS)\u003c/b\u003e Nighthawk AX6 6-Stream AX4300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax45/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX48\u003c/b\u003e Nighthawk AX6 6-Stream AX5200 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax48/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50S\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50s/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE450\u003c/b\u003e Nighthawk AXE10000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe450/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE500\u003c/b\u003e Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe500/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000/\"\u003eV1.0.0.68\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003eModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionEX3700 AC750 WiFi Range Extender Essentials Edition V1.0.0.100 https://www.netgear.com/support/product/ex3700/ EX3800 (EoS) AC750 WiFi Range Extender Essentials Edition V1.0.0.100 https://www.netgear.com/support/product/ex3800/ EX6120 AC1200 Dual Band WiFi Range Extender V1.0.0.72 https://www.netgear.com/support/product/ex6120/ EX6130 AC1200 WiFi Range Extender V1.0.0.54 https://www.netgear.com/support/product/ex6130/ MR60 Nighthawk Mesh WiFi 6 Router V1.1.7.132 https://www.netgear.com/support/product/mr60/ MR70 Nighthawk Mesh WiFi 6 Router V1.0.3.28 https://www.netgear.com/support/product/mr70/ MR80 Nighthawk Tri-band Mesh WiFi 6 Router V1.1.7.14 https://www.netgear.com/support/product/mr80/ MS60 Nighthawk Mesh WiFi 6 Add-on Satellite V1.1.7.132 https://www.netgear.com/support/product/ms60/ MS70 Nighthawk Mesh WiFi 6 Add-on Satellite V1.0.3.28 https://www.netgear.com/support/product/ms70/ MS80 Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite V1.1.7.14 https://www.netgear.com/support/product/ms80/ R6400v2 (EoS) AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit V1.0.4.128 https://www.netgear.com/support/product/r6400v2/ R6700v3 (EoS) Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router V1.0.4.128 https://www.netgear.com/support/product/r6700v3/ R6900P (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r6900p/ R7000 (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.0.11.216 https://www.netgear.com/support/product/r7000/ R7000P (EoS) Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r7000p/ R7960P (EoS) Nighthawk X6S AC3600 Tri-Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r7960p/ R8000P (EoS) Nighthawk X6S AC4000 Tri Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r8000p/ R8500 (EoS) Nighthawk X8 AC5300 Smart WiFi RouterEOSRAX20 (EoS) 4-Stream AX1800 WiFi 6 Router V1.0.18.144 https://www.netgear.com/support/product/rax20/ RAX35v2 Nighthawk AX4 4-Stream AX3000 WiFi 6 Router V1.0.12.118 https://www.netgear.com/support/product/rax35v2/ RAX40v2 Nighthawk AX4 4-Stream WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax40v2/ RAX41 (EoS) Nighthawk AX5 5-Stream AX3600 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax41/ RAX42 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax42/ RAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.120 https://www.netgear.com/support/product/rax43/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax45/ RAX48 Nighthawk AX6 6-Stream AX5200 WiFi 6 Router V1.0.12.118 https://www.netgear.com/support/product/rax48/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50/ RAX50S Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50s/ RAXE450 Nighthawk AXE10000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe450/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.0.0.68 https://www.netgear.com/support/product/xr1000/ \n\nModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-9210",
"datePublished": "2026-06-09T15:50:48.947Z",
"dateReserved": "2026-05-21T17:29:00.866Z",
"dateUpdated": "2026-06-11T05:38:03.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0418 (GCVE-0-2026-0418)
Vulnerability from nvd – Published: 2026-06-09 15:50 – Updated: 2026-06-10 15:56
VLAI
Title
Certain NETGEAR devices allow administrators to tamper with system
Summary
Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network
to tamper with the system.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-15 - External control of system or configuration setting
Assigner
References
36 references
Impacted products
35 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | CBR750 |
Affected:
0 , < v4.6.14.4
(custom)
|
|
| NETGEAR | EX6120 |
Affected:
0 , ≤ 1.0.0.72
(custom)
|
|
| NETGEAR | EX6130 |
Affected:
0 , ≤ 1.0.0.54
(custom)
|
|
| NETGEAR | MR60 |
Affected:
0 , < V1.1.7.128
(custom)
|
|
| NETGEAR | MR70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MR80 |
Affected:
0 , < V1.1.7.6
(custom)
|
|
| NETGEAR | MS60 |
Affected:
0 , < V1.1.7.128
(custom)
|
|
| NETGEAR | MS70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MS80 |
Affected:
0 , < V1.1.7.6
(custom)
|
|
| NETGEAR | RAX15 |
Affected:
0 , ≤ 1.0.18.144
(custom)
|
|
| NETGEAR | RAX20 |
Affected:
0 , ≤ 1.0.18.144
(custom)
|
|
| NETGEAR | RAX200 |
Affected:
0 , ≤ 1.0.11.148
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX38v2 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX40v2 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX48 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX50S |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX75 |
Affected:
0 , ≤ 1.0.11.148
(custom)
|
|
| NETGEAR | RAX80 |
Affected:
0 , ≤ 1.0.11.148
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | RBR750 |
Affected:
0 , < V4.6.14.3
(custom)
|
|
| NETGEAR | RBR840 |
Affected:
0 , < V4.6.14.3
(custom)
|
|
| NETGEAR | RBR850 |
Affected:
0 , < V4.6.14.3
(custom)
|
|
| NETGEAR | RBRE960 |
Affected:
0 , < V6.3.7.5
(custom)
|
|
| NETGEAR | RBS750 |
Affected:
0 , < V4.6.14.3
(custom)
|
|
| NETGEAR | RBS840 |
Affected:
0 , < V4.6.14.3
(custom)
|
|
| NETGEAR | RBS850 |
Affected:
0 , < V4.6.14.3
(custom)
|
|
| NETGEAR | RBSE960 |
Affected:
0 , < V6.3.7.5
(custom)
|
|
| NETGEAR | RS700 |
Affected:
0 , < V1.0.7.66
(custom)
|
|
| NETGEAR | XR1000 |
Affected:
0 , < v1.0.0.68
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T17:08:11.783284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T17:09:21.456Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v4.6.14.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6120",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.0.72",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6130",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.0.54",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX15",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX20",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX200",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.11.148",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX38v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX40v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX48",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX75",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.11.148",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX80",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.11.148",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V6.3.7.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V6.3.7.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RS700",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.7.66",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "byte_blaster"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cspan\u003e\u003cspan\u003eInsufficient configuration management in the listed devices\u0026nbsp;\u003c/span\u003e\u003c/span\u003e\u003cspan\u003eallows authenticated administrators connected to the local network\n\u003c/span\u003e\u003cspan\u003eto tamper with the system.\u003c/span\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Insufficient configuration management in the listed devices\u00a0allows authenticated administrators connected to the local network\nto tamper with the system."
}
],
"impacts": [
{
"capecId": "CAPEC-184",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-184 Software Integrity Attack"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/R:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-15",
"description": "CWE-15 External control of system or configuration setting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T15:56:54.459Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/cbr750/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax15/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6120/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax200/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax38v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax75/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr840/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr750/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs750/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6130/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr850/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs840/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs850/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rs700/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax20/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax40v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax48/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbse960/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbre960/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eCBR750\u003c/b\u003e Orbi WiFi 6 DOCSIS 3.1 Mesh WiFi Cable Modem Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/cbr750/\"\u003ev4.6.14.4\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX6120 (EoS)\u003c/b\u003e AC1200 Dual Band WiFi Range Extender\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX6130 (EoS)\u0026nbsp;\u003c/b\u003eAC1200 WiFi Range Extender\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR60\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr60/\"\u003eV1.1.7.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR70\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr80/\"\u003eV1.1.7.6\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS60\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms60/\"\u003eV1.1.7.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS70\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms80/\"\u003eV1.1.7.6\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX15(EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX20 (EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX200 (EoS)\u003c/b\u003e Nighthawk Tri-Band AX12 12-Stream WiFi Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX35v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax35v2/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX38v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax38v2/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX40v2\u003c/b\u003e Nighthawk AX4 4-Stream WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax40v2/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX45 (EoS)\u003c/b\u003e Nighthawk AX6 6-Stream AX4300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax45/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX48\u003c/b\u003e Nighthawk AX6 6-Stream AX5200 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax48/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50S\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50s/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX75 (EoS)\u003c/b\u003e Nighthawk AX8 8-Stream AX5700 WiFi 6 Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX80 (EoS)\u003c/b\u003e Nighthawk AX8 8-Stream WiFi Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE450\u003c/b\u003e Nighthawk AXE10000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe450/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE500\u003c/b\u003e Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe500/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBR750\u003c/b\u003e Orbi WiFi 6 Router AX4200\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr750/\"\u003eV4.6.14.3\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBR840 (EoS)\u003c/b\u003e Orbi WiFi 6 System AX5700\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr840/\"\u003eV4.6.14.3\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBR850\u003c/b\u003e Orbi WiFi 6 Router AX6000\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr850/\"\u003eV4.6.14.3\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBRE960\u003c/b\u003e Orbi Quad-band Mesh WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbre960/\"\u003eV6.3.7.5\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBS750\u003c/b\u003e Orbi WiFi 6 Add-on Satellite AX4200\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs750/\"\u003eV4.6.14.3\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBS840 (EoS)\u003c/b\u003e Orbi WiFi 6 Add-on Satellite AX5700\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs840/\"\u003eV4.6.14.3\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBS850\u003c/b\u003e Orbi WiFi 6 Satellite AX6000\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs850/\"\u003eV4.6.14.3\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBSE960\u003c/b\u003e Orbi Quad-band Mesh WiFi 6E Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbse960/\"\u003eV6.3.7.5\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRS700\u003c/b\u003e Nighthawk BE19000 WiFi 7 Tri-Band Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rs700/\"\u003eV1.0.7.66\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000/\"\u003ev1.0.0.68\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003eModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionCBR750 Orbi WiFi 6 DOCSIS 3.1 Mesh WiFi Cable Modem Router v4.6.14.4 https://www.netgear.com/support/product/cbr750/ EX6120 (EoS) AC1200 Dual Band WiFi Range ExtenderEOSEX6130 (EoS)\u00a0AC1200 WiFi Range ExtenderEOSMR60 Nighthawk Mesh WiFi 6 Router V1.1.7.128 https://www.netgear.com/support/product/mr60/ MR70 Nighthawk Mesh WiFi 6 Router V1.0.3.28 https://www.netgear.com/support/product/mr70/ MR80 Nighthawk Tri-band Mesh WiFi 6 Router V1.1.7.6 https://www.netgear.com/support/product/mr80/ MS60 Nighthawk Mesh WiFi 6 Add-on Satellite V1.1.7.128 https://www.netgear.com/support/product/ms60/ MS70 Nighthawk Mesh WiFi 6 Add-on Satellite V1.0.3.28 https://www.netgear.com/support/product/ms70/ MS80 Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite V1.1.7.6 https://www.netgear.com/support/product/ms80/ RAX15(EoS) 4-Stream AX1800 WiFi 6 RouterEOSRAX20 (EoS) 4-Stream AX1800 WiFi 6 RouterEOSRAX200 (EoS) Nighthawk Tri-Band AX12 12-Stream WiFi RouterEOSRAX35v2 Nighthawk AX4 4-Stream AX3000 WiFi 6 Router V1.0.11.112 https://www.netgear.com/support/product/rax35v2/ RAX38v2 Nighthawk AX4 4-Stream AX3000 WiFi Router V1.0.11.112 https://www.netgear.com/support/product/rax38v2/ RAX40v2 Nighthawk AX4 4-Stream WiFi Router V1.0.11.112 https://www.netgear.com/support/product/rax40v2/ RAX42 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.11.112 https://www.netgear.com/support/product/rax42/ RAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.11.112 https://www.netgear.com/support/product/rax43/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.11.112 https://www.netgear.com/support/product/rax45/ RAX48 Nighthawk AX6 6-Stream AX5200 WiFi 6 Router V1.0.11.112 https://www.netgear.com/support/product/rax48/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.11.112 https://www.netgear.com/support/product/rax50/ RAX50S Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.11.112 https://www.netgear.com/support/product/rax50s/ RAX75 (EoS) Nighthawk AX8 8-Stream AX5700 WiFi 6 RouterEOSRAX80 (EoS) Nighthawk AX8 8-Stream WiFi RouterEOSRAXE450 Nighthawk AXE10000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe450/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe500/ RBR750 Orbi WiFi 6 Router AX4200 V4.6.14.3 https://www.netgear.com/support/product/rbr750/ RBR840 (EoS) Orbi WiFi 6 System AX5700 V4.6.14.3 https://www.netgear.com/support/product/rbr840/ RBR850 Orbi WiFi 6 Router AX6000 V4.6.14.3 https://www.netgear.com/support/product/rbr850/ RBRE960 Orbi Quad-band Mesh WiFi 6E Router V6.3.7.5 https://www.netgear.com/support/product/rbre960/ RBS750 Orbi WiFi 6 Add-on Satellite AX4200 V4.6.14.3 https://www.netgear.com/support/product/rbs750/ RBS840 (EoS) Orbi WiFi 6 Add-on Satellite AX5700 V4.6.14.3 https://www.netgear.com/support/product/rbs840/ RBS850 Orbi WiFi 6 Satellite AX6000 V4.6.14.3 https://www.netgear.com/support/product/rbs850/ RBSE960 Orbi Quad-band Mesh WiFi 6E Add-on Satellite V6.3.7.5 https://www.netgear.com/support/product/rbse960/ RS700 Nighthawk BE19000 WiFi 7 Tri-Band Router V1.0.7.66 https://www.netgear.com/support/product/rs700/ XR1000 Nighthawk WiFi 6 Pro Gaming Router v1.0.0.68 https://www.netgear.com/support/product/xr1000/ \n\nModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Certain NETGEAR devices allow administrators to tamper with system",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0418",
"datePublished": "2026-06-09T15:50:50.069Z",
"dateReserved": "2025-12-03T04:16:25.029Z",
"dateUpdated": "2026-06-10T15:56:54.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0417 (GCVE-0-2026-0417)
Vulnerability from nvd – Published: 2026-06-09 15:50 – Updated: 2026-06-10 15:49
VLAI
Title
Insufficient input validation in certain NETGEAR routers
Summary
Insufficient input validation vulnerability in the listed NETGEAR devices allows
authenticated administrators connected to the local network to tamper with
the router's integrity.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper input validation
Assigner
References
28 references
Impacted products
27 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | MR60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MR70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MR80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | MS60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MS70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MS80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | R6400v2 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6700v3 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6900P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7000 |
Affected:
0 , < V1.0.11.216
(custom)
|
|
| NETGEAR | R7000P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7960P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8000P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8500 |
Affected:
0 , ≤ 1.0.2.160
(custom)
|
|
| NETGEAR | RAX20 |
Affected:
0 , < V1.0.18.144
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX40v2 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX41 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX48 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX50S |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | XR1000 |
Affected:
0 , < V1.0.0.68
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0417",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T17:10:42.291794Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T17:10:51.031Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MR60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6400v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6700v3",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6900P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7960P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8500",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.2.160",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX20",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX40v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX48",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "pjqwudi"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eInsufficient input validation vulnerability in the listed NETGEAR\u0026nbsp;devices\u0026nbsp;allows\nauthenticated administrators connected to the local network to\u0026nbsp;tamper with\nthe router\u0027s integrity. \u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Insufficient input validation vulnerability in the listed NETGEAR\u00a0devices\u00a0allows\nauthenticated administrators connected to the local network to\u00a0tamper with\nthe router\u0027s integrity."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T15:49:33.259Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6400v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6700v3/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6900p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r8000p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r8500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax40v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax20/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7960p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax48/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR60\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR70\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS60\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS70\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6400v2 (EoS)\u003c/b\u003e AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6400v2/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6700v3 (EoS)\u003c/b\u003e Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6700v3/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6900P (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6900p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000 (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000/\"\u003eV1.0.11.216\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000P (EoS)\u003c/b\u003e Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7960P (EoS)\u003c/b\u003e Nighthawk X6S AC3600 Tri-Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7960p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8000P (EoS)\u003c/b\u003e Nighthawk X6S AC4000 Tri Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r8000p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8500 (EoS)\u003c/b\u003e Nighthawk X8 AC5300 Smart WiFi Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX20 (EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax20/\"\u003eV1.0.18.144\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX35v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi 6 Router\u003c/td\u003e\u003ctd\u003eV1.0.16.132\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX40v2\u003c/b\u003e Nighthawk AX4 4-Stream WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax40v2/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX41 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX3600 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax41/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX45 (EoS)\u003c/b\u003e Nighthawk AX6 6-Stream AX4300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax45/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX48\u003c/b\u003e Nighthawk AX6 6-Stream AX5200 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax48/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50S\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50s/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE450\u003c/b\u003e Nighthawk AXE10000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe450/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE500\u003c/b\u003e Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe500/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000/\"\u003eV1.0.0.68\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003eModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionMR60 Nighthawk Mesh WiFi 6 Router V1.1.7.132 https://www.netgear.com/support/product/mr60/ MR70 Nighthawk Mesh WiFi 6 Router V1.0.3.28 https://www.netgear.com/support/product/mr70/ MR80 Nighthawk Tri-band Mesh WiFi 6 Router V1.1.7.14 https://www.netgear.com/support/product/mr80/ MS60 Nighthawk Mesh WiFi 6 Add-on Satellite V1.1.7.132 https://www.netgear.com/support/product/ms60/ MS70 Nighthawk Mesh WiFi 6 Add-on Satellite V1.0.3.28 https://www.netgear.com/support/product/ms70/ MS80 Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite V1.1.7.14 https://www.netgear.com/support/product/ms80/ R6400v2 (EoS) AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit V1.0.4.128 https://www.netgear.com/support/product/r6400v2/ R6700v3 (EoS) Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router V1.0.4.128 https://www.netgear.com/support/product/r6700v3/ R6900P (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r6900p/ R7000 (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.0.11.216 https://www.netgear.com/support/product/r7000/ R7000P (EoS) Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r7000p/ R7960P (EoS) Nighthawk X6S AC3600 Tri-Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r7960p/ R8000P (EoS) Nighthawk X6S AC4000 Tri Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r8000p/ R8500 (EoS) Nighthawk X8 AC5300 Smart WiFi RouterEOSRAX20 (EoS) 4-Stream AX1800 WiFi 6 Router V1.0.18.144 https://www.netgear.com/support/product/rax20/ RAX35v2 Nighthawk AX4 4-Stream AX3000 WiFi 6 RouterV1.0.16.132RAX40v2 Nighthawk AX4 4-Stream WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax40v2/ RAX41 (EoS) Nighthawk AX5 5-Stream AX3600 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax41/ RAX42 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax42/ RAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.120 https://www.netgear.com/support/product/rax43/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax45/ RAX48 Nighthawk AX6 6-Stream AX5200 WiFi 6 Router V1.0.12.118 https://www.netgear.com/support/product/rax48/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50/ RAX50S Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50s/ RAXE450 Nighthawk AXE10000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe450/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.0.0.68 https://www.netgear.com/support/product/xr1000/ \n\nModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient input validation in certain NETGEAR routers",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0417",
"datePublished": "2026-06-09T15:50:49.507Z",
"dateReserved": "2025-12-03T04:16:24.254Z",
"dateUpdated": "2026-06-10T15:49:33.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0410 (GCVE-0-2026-0410)
Vulnerability from nvd – Published: 2026-06-09 15:41 – Updated: 2026-06-10 15:24
VLAI
Title
Insufficient input validation in certain NETGEAR routers
Summary
Authenticated administrators connected to the local network can gain
elevated access to the router and make unauthorized changes to router
software and functionality.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Insufficient input validation
Assigner
References
20 references
Impacted products
20 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | R7000 |
Affected:
0 , < V1.0.11.216
(custom)
|
|
| NETGEAR | RAX20 |
Affected:
0 , < V1.0.18.144
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX41 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX41v2 |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX42v2 |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX43v2 |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX49S |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX50S |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX50v2 |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAX54Sv2 |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAX54v2 |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.2.14.114
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.2.14.114
(custom)
|
|
| NETGEAR | XR1000 |
Affected:
0 , < V1.1.0.22
(custom)
|
|
| NETGEAR | XR1000v2 |
Affected:
0 , < V1.1.0.22
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0410",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T17:27:32.030390Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T18:40:24.087Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "R7000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX20",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX49S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX54Sv2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX54v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.2.14.114",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.2.14.114",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.0.22",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.0.22",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SmallS"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAuthenticated administrators connected to the local network can gain \nelevated access to the router and make unauthorized changes to router \nsoftware and functionality.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Authenticated administrators connected to the local network can gain \nelevated access to the router and make unauthorized changes to router \nsoftware and functionality."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 1.9,
"baseSeverity": "LOW",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Insufficient input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T15:24:02.912Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax20/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax54sv2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax49s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000 (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000/\"\u003eV1.0.11.216\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX20 (EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax20/\"\u003eV1.0.18.144\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX35v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax35v2/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX41 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX3600 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax41/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX41v2\u003c/b\u003e Nighthawk AX5 5-Stream AX3600 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax41v2/\"\u003eV1.1.4.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42v2\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42v2/\"\u003eV1.1.4.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43v2\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43v2/\"\u003eV1.1.4.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX45 (EoS)\u003c/b\u003e Nighthawk AX6 6-Stream AX4300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax45/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX49S\u003c/b\u003e Nighthawk AX6 6-Stream AX5300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax49s/\"\u003eV1.1.4.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50S\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50s/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50v2\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50v2/\"\u003eV1.1.4.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX54Sv2\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax54sv2/\"\u003eV1.1.4.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX54v2\u003c/b\u003e\u003c/td\u003e\u003ctd\u003eV1.1.4.28\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE450\u003c/b\u003e Nighthawk AXE10000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe450/\"\u003eV1.2.14.114\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE500\u003c/b\u003e Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe500/\"\u003eV1.2.14.114\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000/\"\u003eV1.1.0.22\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000v2\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000v2/\"\u003eV1.1.0.22\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003eModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionR7000 (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.0.11.216 https://www.netgear.com/support/product/r7000/ RAX20 (EoS) 4-Stream AX1800 WiFi 6 Router V1.0.18.144 https://www.netgear.com/support/product/rax20/ RAX35v2 Nighthawk AX4 4-Stream AX3000 WiFi 6 Router V1.0.16.132 https://www.netgear.com/support/product/rax35v2/ RAX41 (EoS) Nighthawk AX5 5-Stream AX3600 WiFi Router V1.0.16.132 https://www.netgear.com/support/product/rax41/ RAX41v2 Nighthawk AX5 5-Stream AX3600 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax41v2/ RAX42 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.16.132 https://www.netgear.com/support/product/rax42/ RAX42v2 Nighthawk AX5 5-Stream AX4200 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax42v2/ RAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.16.132 https://www.netgear.com/support/product/rax43/ RAX43v2 Nighthawk AX5 5-Stream AX4200 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax43v2/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.16.132 https://www.netgear.com/support/product/rax45/ RAX49S Nighthawk AX6 6-Stream AX5300 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax49s/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.16.132 https://www.netgear.com/support/product/rax50/ RAX50S Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.16.132 https://www.netgear.com/support/product/rax50s/ RAX50v2 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.1.4.28 https://www.netgear.com/support/product/rax50v2/ RAX54Sv2 Nighthawk AX6 6-Stream AX5400 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax54sv2/ RAX54v2V1.1.4.28RAXE450 Nighthawk AXE10000 Tri-Band WiFi 6E Router V1.2.14.114 https://www.netgear.com/support/product/raxe450/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.2.14.114 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.1.0.22 https://www.netgear.com/support/product/xr1000/ XR1000v2 Nighthawk WiFi 6 Pro Gaming Router V1.1.0.22 https://www.netgear.com/support/product/xr1000v2/ \n\nModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient input validation in certain NETGEAR routers",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0410",
"datePublished": "2026-06-09T15:41:47.808Z",
"dateReserved": "2025-12-03T04:16:17.013Z",
"dateUpdated": "2026-06-10T15:24:02.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12946 (GCVE-0-2025-12946)
Vulnerability from nvd – Published: 2025-12-09 17:02 – Updated: 2026-02-26 16:57
VLAI
Title
Improper input validation in NETGEAR Nighthawk routers
Summary
A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run.
This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46; RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
18 references
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | RS700 |
Affected:
0 , ≤ 1.0.7.82
(custom)
|
|
| NETGEAR | RAX54Sv2 |
Affected:
0 , < V1.1.6.36
(custom)
|
|
| NETGEAR | RAX41v2 |
Affected:
0 , < V1.1.6.36
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.2.14.114
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.2.14.114
(custom)
|
|
| NETGEAR | RAX41 |
Affected:
0 , < V1.0.17.142
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.17.142
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.17.142
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.2.14.114
(custom)
|
|
| NETGEAR | RAX43v2 |
Affected:
0 , < V1.1.6.36
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.17.142
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.17.142
(custom)
|
|
| NETGEAR | RAX50v2 |
Affected:
0 , < V1.1.6.36
(custom)
|
|
| NETGEAR | MR90 |
Affected:
0 , < V1.0.2.46
(custom)
|
|
| NETGEAR | RAX42v2 |
Affected:
0 , < V1.1.6.36
(custom)
|
|
| NETGEAR | RAX49S |
Affected:
0 , < V1.1.6.36
(custom)
|
|
| NETGEAR | MS90 |
Affected:
0 , < V1.0.2.46
(custom)
|
Date Public
2025-12-09 17:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12946",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-10T04:57:23.602151Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:57:03.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Speedtest"
],
"product": "RS700",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.7.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX54Sv2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.2.14.114",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.2.14.114",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.2.14.114",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR90",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.2.46",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX49S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS90",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.2.46",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rs700:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.7.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax54sv2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax41v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.2.14.114",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe500:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.2.14.114",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax41:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax43:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax35v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe450:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.2.14.114",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax43v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax42:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax45:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr90:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.2.46",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax42v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax49s:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms90:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.2.46",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "molybdenum"
}
],
"datePublic": "2025-12-09T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eA vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router\u0027s WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eThis issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46;\u202fRAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36. \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router\u0027s WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. \n\n\n\nThis issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46;\u202fRAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "AUTOMATIC",
"Safety": "NEGLIGIBLE",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/S:N/AU:N/R:A/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T19:35:39.538Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rs700"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax54sv2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/RAX50"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr90"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms90"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax49s"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070416/December-2025-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have\nthis patch applied. If not, please check the firmware version and update it to\nthe latest.\u003cbr\u003e\n\u003cbr\u003e\n\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003eRS700 firmware V1.0.9.6 or later\u003c/p\u003e\u003cp\u003eRAX54Sv2/RAX45v2\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax54sv2\"\u003efirmware\u0026nbsp;V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX41v2\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax41v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX50\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX50\"\u003efirmware V1.2.14.114 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAXE500\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/raxe500\"\u003efirmware V1.2.14.114\u0026nbsp;or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX41 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax41\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX43 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax43\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX35v2 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX35v2\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAXE450 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAXE450\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX43v2 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX43v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX42 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX42\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX45\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX45\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX50v2 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX50v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMR90 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/MR90\"\u003efirmware V1.0.2.46 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS90 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/MS90\"\u003efirmware V1.0.2.46 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX42v2 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX42v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX49S \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX42v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have\nthis patch applied. If not, please check the firmware version and update it to\nthe latest.\n\n\n\n\n\n\n\nFixed in:\n\nRS700 firmware V1.0.9.6 or later\n\nRAX54Sv2/RAX45v2\u00a0 firmware\u00a0V1.1.6.36 or later https://www.netgear.com/support/product/rax54sv2 \n\nRAX41v2\u00a0 firmware V1.1.6.36 or later https://www.netgear.com/support/product/rax41v2 \n\nRAX50\u00a0 firmware V1.2.14.114 or later https://www.netgear.com/support/product/RAX50 \n\nRAXE500\u00a0 firmware V1.2.14.114\u00a0or later https://www.netgear.com/support/product/raxe500 \n\nRAX41 firmware V1.0.17.142 or later https://www.netgear.com/support/product/rax41 \n\nRAX43 firmware V1.0.17.142 or later https://www.netgear.com/support/product/rax43 \n\nRAX35v2 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAX35v2 \n\nRAXE450 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAXE450 \n\nRAX43v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX43v2 \n\nRAX42 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAX42 \n\nRAX45\u00a0 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAX45 \n\nRAX50v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX50v2 \n\nMR90 firmware V1.0.2.46 or later https://www.netgear.com/support/product/MR90 \n\nMS90 firmware V1.0.2.46 or later https://www.netgear.com/support/product/MS90 \n\nRAX42v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX42v2 \n\nRAX49S firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX42v2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2025-12-09T16:00:00.000Z",
"value": "published"
}
],
"title": "Improper input validation in NETGEAR Nighthawk routers",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2025-12946",
"datePublished": "2025-12-09T17:02:20.739Z",
"dateReserved": "2025-11-10T08:26:32.586Z",
"dateUpdated": "2026-02-26T16:57:03.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0418 (GCVE-0-2026-0418)
Vulnerability from cvelistv5 – Published: 2026-06-09 15:50 – Updated: 2026-06-10 15:56
VLAI
Title
Certain NETGEAR devices allow administrators to tamper with system
Summary
Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network
to tamper with the system.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-15 - External control of system or configuration setting
Assigner
References
36 references
Impacted products
35 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | CBR750 |
Affected:
0 , < v4.6.14.4
(custom)
|
|
| NETGEAR | EX6120 |
Affected:
0 , ≤ 1.0.0.72
(custom)
|
|
| NETGEAR | EX6130 |
Affected:
0 , ≤ 1.0.0.54
(custom)
|
|
| NETGEAR | MR60 |
Affected:
0 , < V1.1.7.128
(custom)
|
|
| NETGEAR | MR70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MR80 |
Affected:
0 , < V1.1.7.6
(custom)
|
|
| NETGEAR | MS60 |
Affected:
0 , < V1.1.7.128
(custom)
|
|
| NETGEAR | MS70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MS80 |
Affected:
0 , < V1.1.7.6
(custom)
|
|
| NETGEAR | RAX15 |
Affected:
0 , ≤ 1.0.18.144
(custom)
|
|
| NETGEAR | RAX20 |
Affected:
0 , ≤ 1.0.18.144
(custom)
|
|
| NETGEAR | RAX200 |
Affected:
0 , ≤ 1.0.11.148
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX38v2 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX40v2 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX48 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX50S |
Affected:
0 , < V1.0.11.112
(custom)
|
|
| NETGEAR | RAX75 |
Affected:
0 , ≤ 1.0.11.148
(custom)
|
|
| NETGEAR | RAX80 |
Affected:
0 , ≤ 1.0.11.148
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | RBR750 |
Affected:
0 , < V4.6.14.3
(custom)
|
|
| NETGEAR | RBR840 |
Affected:
0 , < V4.6.14.3
(custom)
|
|
| NETGEAR | RBR850 |
Affected:
0 , < V4.6.14.3
(custom)
|
|
| NETGEAR | RBRE960 |
Affected:
0 , < V6.3.7.5
(custom)
|
|
| NETGEAR | RBS750 |
Affected:
0 , < V4.6.14.3
(custom)
|
|
| NETGEAR | RBS840 |
Affected:
0 , < V4.6.14.3
(custom)
|
|
| NETGEAR | RBS850 |
Affected:
0 , < V4.6.14.3
(custom)
|
|
| NETGEAR | RBSE960 |
Affected:
0 , < V6.3.7.5
(custom)
|
|
| NETGEAR | RS700 |
Affected:
0 , < V1.0.7.66
(custom)
|
|
| NETGEAR | XR1000 |
Affected:
0 , < v1.0.0.68
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T17:08:11.783284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T17:09:21.456Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v4.6.14.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6120",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.0.72",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6130",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.0.54",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX15",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX20",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX200",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.11.148",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX38v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX40v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX48",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.112",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX75",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.11.148",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX80",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.11.148",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V6.3.7.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V6.3.7.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RS700",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.7.66",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "byte_blaster"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cspan\u003e\u003cspan\u003eInsufficient configuration management in the listed devices\u0026nbsp;\u003c/span\u003e\u003c/span\u003e\u003cspan\u003eallows authenticated administrators connected to the local network\n\u003c/span\u003e\u003cspan\u003eto tamper with the system.\u003c/span\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Insufficient configuration management in the listed devices\u00a0allows authenticated administrators connected to the local network\nto tamper with the system."
}
],
"impacts": [
{
"capecId": "CAPEC-184",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-184 Software Integrity Attack"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/R:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-15",
"description": "CWE-15 External control of system or configuration setting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T15:56:54.459Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/cbr750/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax15/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6120/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax200/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax38v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax75/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr840/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr750/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs750/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6130/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr850/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs840/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs850/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rs700/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax20/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax40v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax48/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbse960/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbre960/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eCBR750\u003c/b\u003e Orbi WiFi 6 DOCSIS 3.1 Mesh WiFi Cable Modem Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/cbr750/\"\u003ev4.6.14.4\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX6120 (EoS)\u003c/b\u003e AC1200 Dual Band WiFi Range Extender\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX6130 (EoS)\u0026nbsp;\u003c/b\u003eAC1200 WiFi Range Extender\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR60\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr60/\"\u003eV1.1.7.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR70\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr80/\"\u003eV1.1.7.6\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS60\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms60/\"\u003eV1.1.7.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS70\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms80/\"\u003eV1.1.7.6\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX15(EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX20 (EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX200 (EoS)\u003c/b\u003e Nighthawk Tri-Band AX12 12-Stream WiFi Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX35v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax35v2/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX38v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax38v2/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX40v2\u003c/b\u003e Nighthawk AX4 4-Stream WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax40v2/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX45 (EoS)\u003c/b\u003e Nighthawk AX6 6-Stream AX4300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax45/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX48\u003c/b\u003e Nighthawk AX6 6-Stream AX5200 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax48/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50S\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50s/\"\u003eV1.0.11.112\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX75 (EoS)\u003c/b\u003e Nighthawk AX8 8-Stream AX5700 WiFi 6 Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX80 (EoS)\u003c/b\u003e Nighthawk AX8 8-Stream WiFi Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE450\u003c/b\u003e Nighthawk AXE10000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe450/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE500\u003c/b\u003e Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe500/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBR750\u003c/b\u003e Orbi WiFi 6 Router AX4200\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr750/\"\u003eV4.6.14.3\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBR840 (EoS)\u003c/b\u003e Orbi WiFi 6 System AX5700\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr840/\"\u003eV4.6.14.3\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBR850\u003c/b\u003e Orbi WiFi 6 Router AX6000\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr850/\"\u003eV4.6.14.3\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBRE960\u003c/b\u003e Orbi Quad-band Mesh WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbre960/\"\u003eV6.3.7.5\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBS750\u003c/b\u003e Orbi WiFi 6 Add-on Satellite AX4200\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs750/\"\u003eV4.6.14.3\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBS840 (EoS)\u003c/b\u003e Orbi WiFi 6 Add-on Satellite AX5700\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs840/\"\u003eV4.6.14.3\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBS850\u003c/b\u003e Orbi WiFi 6 Satellite AX6000\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs850/\"\u003eV4.6.14.3\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBSE960\u003c/b\u003e Orbi Quad-band Mesh WiFi 6E Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbse960/\"\u003eV6.3.7.5\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRS700\u003c/b\u003e Nighthawk BE19000 WiFi 7 Tri-Band Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rs700/\"\u003eV1.0.7.66\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000/\"\u003ev1.0.0.68\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003eModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionCBR750 Orbi WiFi 6 DOCSIS 3.1 Mesh WiFi Cable Modem Router v4.6.14.4 https://www.netgear.com/support/product/cbr750/ EX6120 (EoS) AC1200 Dual Band WiFi Range ExtenderEOSEX6130 (EoS)\u00a0AC1200 WiFi Range ExtenderEOSMR60 Nighthawk Mesh WiFi 6 Router V1.1.7.128 https://www.netgear.com/support/product/mr60/ MR70 Nighthawk Mesh WiFi 6 Router V1.0.3.28 https://www.netgear.com/support/product/mr70/ MR80 Nighthawk Tri-band Mesh WiFi 6 Router V1.1.7.6 https://www.netgear.com/support/product/mr80/ MS60 Nighthawk Mesh WiFi 6 Add-on Satellite V1.1.7.128 https://www.netgear.com/support/product/ms60/ MS70 Nighthawk Mesh WiFi 6 Add-on Satellite V1.0.3.28 https://www.netgear.com/support/product/ms70/ MS80 Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite V1.1.7.6 https://www.netgear.com/support/product/ms80/ RAX15(EoS) 4-Stream AX1800 WiFi 6 RouterEOSRAX20 (EoS) 4-Stream AX1800 WiFi 6 RouterEOSRAX200 (EoS) Nighthawk Tri-Band AX12 12-Stream WiFi RouterEOSRAX35v2 Nighthawk AX4 4-Stream AX3000 WiFi 6 Router V1.0.11.112 https://www.netgear.com/support/product/rax35v2/ RAX38v2 Nighthawk AX4 4-Stream AX3000 WiFi Router V1.0.11.112 https://www.netgear.com/support/product/rax38v2/ RAX40v2 Nighthawk AX4 4-Stream WiFi Router V1.0.11.112 https://www.netgear.com/support/product/rax40v2/ RAX42 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.11.112 https://www.netgear.com/support/product/rax42/ RAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.11.112 https://www.netgear.com/support/product/rax43/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.11.112 https://www.netgear.com/support/product/rax45/ RAX48 Nighthawk AX6 6-Stream AX5200 WiFi 6 Router V1.0.11.112 https://www.netgear.com/support/product/rax48/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.11.112 https://www.netgear.com/support/product/rax50/ RAX50S Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.11.112 https://www.netgear.com/support/product/rax50s/ RAX75 (EoS) Nighthawk AX8 8-Stream AX5700 WiFi 6 RouterEOSRAX80 (EoS) Nighthawk AX8 8-Stream WiFi RouterEOSRAXE450 Nighthawk AXE10000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe450/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe500/ RBR750 Orbi WiFi 6 Router AX4200 V4.6.14.3 https://www.netgear.com/support/product/rbr750/ RBR840 (EoS) Orbi WiFi 6 System AX5700 V4.6.14.3 https://www.netgear.com/support/product/rbr840/ RBR850 Orbi WiFi 6 Router AX6000 V4.6.14.3 https://www.netgear.com/support/product/rbr850/ RBRE960 Orbi Quad-band Mesh WiFi 6E Router V6.3.7.5 https://www.netgear.com/support/product/rbre960/ RBS750 Orbi WiFi 6 Add-on Satellite AX4200 V4.6.14.3 https://www.netgear.com/support/product/rbs750/ RBS840 (EoS) Orbi WiFi 6 Add-on Satellite AX5700 V4.6.14.3 https://www.netgear.com/support/product/rbs840/ RBS850 Orbi WiFi 6 Satellite AX6000 V4.6.14.3 https://www.netgear.com/support/product/rbs850/ RBSE960 Orbi Quad-band Mesh WiFi 6E Add-on Satellite V6.3.7.5 https://www.netgear.com/support/product/rbse960/ RS700 Nighthawk BE19000 WiFi 7 Tri-Band Router V1.0.7.66 https://www.netgear.com/support/product/rs700/ XR1000 Nighthawk WiFi 6 Pro Gaming Router v1.0.0.68 https://www.netgear.com/support/product/xr1000/ \n\nModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Certain NETGEAR devices allow administrators to tamper with system",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0418",
"datePublished": "2026-06-09T15:50:50.069Z",
"dateReserved": "2025-12-03T04:16:25.029Z",
"dateUpdated": "2026-06-10T15:56:54.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0417 (GCVE-0-2026-0417)
Vulnerability from cvelistv5 – Published: 2026-06-09 15:50 – Updated: 2026-06-10 15:49
VLAI
Title
Insufficient input validation in certain NETGEAR routers
Summary
Insufficient input validation vulnerability in the listed NETGEAR devices allows
authenticated administrators connected to the local network to tamper with
the router's integrity.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper input validation
Assigner
References
28 references
Impacted products
27 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | MR60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MR70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MR80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | MS60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MS70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MS80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | R6400v2 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6700v3 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6900P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7000 |
Affected:
0 , < V1.0.11.216
(custom)
|
|
| NETGEAR | R7000P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7960P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8000P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8500 |
Affected:
0 , ≤ 1.0.2.160
(custom)
|
|
| NETGEAR | RAX20 |
Affected:
0 , < V1.0.18.144
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX40v2 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX41 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX48 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX50S |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | XR1000 |
Affected:
0 , < V1.0.0.68
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0417",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T17:10:42.291794Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T17:10:51.031Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MR60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6400v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6700v3",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6900P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7960P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8500",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.2.160",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX20",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX40v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX48",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "pjqwudi"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eInsufficient input validation vulnerability in the listed NETGEAR\u0026nbsp;devices\u0026nbsp;allows\nauthenticated administrators connected to the local network to\u0026nbsp;tamper with\nthe router\u0027s integrity. \u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Insufficient input validation vulnerability in the listed NETGEAR\u00a0devices\u00a0allows\nauthenticated administrators connected to the local network to\u00a0tamper with\nthe router\u0027s integrity."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T15:49:33.259Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6400v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6700v3/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6900p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r8000p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r8500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax40v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax20/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7960p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax48/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR60\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR70\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS60\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS70\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6400v2 (EoS)\u003c/b\u003e AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6400v2/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6700v3 (EoS)\u003c/b\u003e Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6700v3/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6900P (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6900p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000 (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000/\"\u003eV1.0.11.216\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000P (EoS)\u003c/b\u003e Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7960P (EoS)\u003c/b\u003e Nighthawk X6S AC3600 Tri-Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7960p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8000P (EoS)\u003c/b\u003e Nighthawk X6S AC4000 Tri Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r8000p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8500 (EoS)\u003c/b\u003e Nighthawk X8 AC5300 Smart WiFi Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX20 (EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax20/\"\u003eV1.0.18.144\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX35v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi 6 Router\u003c/td\u003e\u003ctd\u003eV1.0.16.132\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX40v2\u003c/b\u003e Nighthawk AX4 4-Stream WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax40v2/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX41 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX3600 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax41/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX45 (EoS)\u003c/b\u003e Nighthawk AX6 6-Stream AX4300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax45/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX48\u003c/b\u003e Nighthawk AX6 6-Stream AX5200 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax48/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50S\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50s/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE450\u003c/b\u003e Nighthawk AXE10000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe450/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE500\u003c/b\u003e Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe500/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000/\"\u003eV1.0.0.68\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003eModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionMR60 Nighthawk Mesh WiFi 6 Router V1.1.7.132 https://www.netgear.com/support/product/mr60/ MR70 Nighthawk Mesh WiFi 6 Router V1.0.3.28 https://www.netgear.com/support/product/mr70/ MR80 Nighthawk Tri-band Mesh WiFi 6 Router V1.1.7.14 https://www.netgear.com/support/product/mr80/ MS60 Nighthawk Mesh WiFi 6 Add-on Satellite V1.1.7.132 https://www.netgear.com/support/product/ms60/ MS70 Nighthawk Mesh WiFi 6 Add-on Satellite V1.0.3.28 https://www.netgear.com/support/product/ms70/ MS80 Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite V1.1.7.14 https://www.netgear.com/support/product/ms80/ R6400v2 (EoS) AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit V1.0.4.128 https://www.netgear.com/support/product/r6400v2/ R6700v3 (EoS) Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router V1.0.4.128 https://www.netgear.com/support/product/r6700v3/ R6900P (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r6900p/ R7000 (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.0.11.216 https://www.netgear.com/support/product/r7000/ R7000P (EoS) Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r7000p/ R7960P (EoS) Nighthawk X6S AC3600 Tri-Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r7960p/ R8000P (EoS) Nighthawk X6S AC4000 Tri Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r8000p/ R8500 (EoS) Nighthawk X8 AC5300 Smart WiFi RouterEOSRAX20 (EoS) 4-Stream AX1800 WiFi 6 Router V1.0.18.144 https://www.netgear.com/support/product/rax20/ RAX35v2 Nighthawk AX4 4-Stream AX3000 WiFi 6 RouterV1.0.16.132RAX40v2 Nighthawk AX4 4-Stream WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax40v2/ RAX41 (EoS) Nighthawk AX5 5-Stream AX3600 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax41/ RAX42 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax42/ RAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.120 https://www.netgear.com/support/product/rax43/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax45/ RAX48 Nighthawk AX6 6-Stream AX5200 WiFi 6 Router V1.0.12.118 https://www.netgear.com/support/product/rax48/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50/ RAX50S Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50s/ RAXE450 Nighthawk AXE10000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe450/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.0.0.68 https://www.netgear.com/support/product/xr1000/ \n\nModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient input validation in certain NETGEAR routers",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0417",
"datePublished": "2026-06-09T15:50:49.507Z",
"dateReserved": "2025-12-03T04:16:24.254Z",
"dateUpdated": "2026-06-10T15:49:33.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9210 (GCVE-0-2026-9210)
Vulnerability from cvelistv5 – Published: 2026-06-09 15:50 – Updated: 2026-06-11 05:38
VLAI
Title
Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router
Summary
Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper input validation
Assigner
References
32 references
Impacted products
31 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | EX3700 |
Affected:
0 , < V1.0.0.100
(custom)
|
|
| NETGEAR | EX3800 |
Affected:
0 , < V1.0.0.100
(custom)
|
|
| NETGEAR | EX6120 |
Affected:
0 , < V1.0.0.72
(custom)
|
|
| NETGEAR | EX6130 |
Affected:
0 , < V1.0.0.54
(custom)
|
|
| NETGEAR | MR60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MR70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MR80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | MS60 |
Affected:
0 , < V1.1.7.132
(custom)
|
|
| NETGEAR | MS70 |
Affected:
0 , < V1.0.3.28
(custom)
|
|
| NETGEAR | MS80 |
Affected:
0 , < V1.1.7.14
(custom)
|
|
| NETGEAR | R6400v2 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6700v3 |
Affected:
0 , < V1.0.4.128
(custom)
|
|
| NETGEAR | R6900P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7000 |
Affected:
0 , < V1.0.11.216
(custom)
|
|
| NETGEAR | R7000P |
Affected:
0 , < V1.3.3.152
(custom)
|
|
| NETGEAR | R7960P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8000P |
Affected:
0 , < V1.4.4.92
(custom)
|
|
| NETGEAR | R8500 |
Affected:
0 , ≤ 1.0.2.160
(custom)
|
|
| NETGEAR | RAX20 |
Affected:
0 , < V1.0.18.144
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX40v2 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX41 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX48 |
Affected:
0 , < V1.0.12.118
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAX50S |
Affected:
0 , < V1.0.12.120
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.0.10.86
(custom)
|
|
| NETGEAR | XR1000 |
Affected:
0 , < V1.0.0.68
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9210",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T18:03:30.063423Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T18:39:39.151Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EX3700",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.100",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX3800",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.100",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6120",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.72",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6130",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.54",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS60",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS70",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.3.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS80",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.7.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6400v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6700v3",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.4.128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R6900P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.3.3.152",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R7960P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.4.4.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R8500",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.2.160",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX20",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX40v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX48",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.118",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.12.120",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.86",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.0.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.100",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.100",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.72",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.54",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr60:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.132",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr70:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.3.28",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr80:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms60:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.132",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms70:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.3.28",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms80:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.7.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.4.128",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700v3:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.4.128",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.3.3.152",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.11.216",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.3.3.152",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7960p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.4.4.92",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.4.4.92",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:*:*:*:*:*:*:*:*",
"versionEndIncluding": "*",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax20:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.18.144",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax35v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax40v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax41:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax42:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax43:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.120",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax45:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax48:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.118",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.120",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50s:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.12.120",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe450:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.10.86",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe500:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.10.86",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xr1000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.0.68",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "pjqwudi"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eInsufficient input validation vulnerability in the\u0026nbsp;listed NETGEAR models allows\u0026nbsp;authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.\u003c/p\u003e\u003c/div\u003e"
}
],
"value": "Insufficient input validation vulnerability in the\u00a0listed NETGEAR models allows\u00a0authenticated administrators connected to the local network to make unauthorized modification of router software and functionality."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T05:38:03.646Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3700/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3800/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6120/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6130/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms60/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms80/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr70/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6400v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6700v3/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r6900p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7960p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000p/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r8000p/"
},
{
"tags": [
"product"
],
"url": "https://www.netgear.com/support/product/r8500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax48/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax40v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax20/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX3700\u003c/b\u003e AC750 WiFi Range Extender Essentials Edition\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex3700/\"\u003eV1.0.0.100\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX3800 (EoS)\u003c/b\u003e AC750 WiFi Range Extender Essentials Edition\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex3800/\"\u003eV1.0.0.100\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX6120\u003c/b\u003e AC1200 Dual Band WiFi Range Extender\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex6120/\"\u003eV1.0.0.72\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eEX6130\u003c/b\u003e AC1200 WiFi Range Extender\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ex6130/\"\u003eV1.0.0.54\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR60\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR70\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS60\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms60/\"\u003eV1.1.7.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS70\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms70/\"\u003eV1.0.3.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS80\u003c/b\u003e Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms80/\"\u003eV1.1.7.14\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6400v2 (EoS)\u003c/b\u003e AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6400v2/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6700v3 (EoS)\u003c/b\u003e Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6700v3/\"\u003eV1.0.4.128\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR6900P (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r6900p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000 (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000/\"\u003eV1.0.11.216\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000P (EoS)\u003c/b\u003e Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000p/\"\u003eV1.3.3.152\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7960P (EoS)\u003c/b\u003e Nighthawk X6S AC3600 Tri-Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7960p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8000P (EoS)\u003c/b\u003e Nighthawk X6S AC4000 Tri Band WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r8000p/\"\u003eV1.4.4.92\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR8500 (EoS)\u003c/b\u003e Nighthawk X8 AC5300 Smart WiFi Router\u003c/td\u003e\u003ctd\u003eEOS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX20 (EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax20/\"\u003eV1.0.18.144\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX35v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax35v2/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX40v2\u003c/b\u003e Nighthawk AX4 4-Stream WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax40v2/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX41 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX3600 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax41/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX45 (EoS)\u003c/b\u003e Nighthawk AX6 6-Stream AX4300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax45/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX48\u003c/b\u003e Nighthawk AX6 6-Stream AX5200 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax48/\"\u003eV1.0.12.118\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50S\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50s/\"\u003eV1.0.12.120\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE450\u003c/b\u003e Nighthawk AXE10000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe450/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE500\u003c/b\u003e Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe500/\"\u003eV1.0.10.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000/\"\u003eV1.0.0.68\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003eModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionEX3700 AC750 WiFi Range Extender Essentials Edition V1.0.0.100 https://www.netgear.com/support/product/ex3700/ EX3800 (EoS) AC750 WiFi Range Extender Essentials Edition V1.0.0.100 https://www.netgear.com/support/product/ex3800/ EX6120 AC1200 Dual Band WiFi Range Extender V1.0.0.72 https://www.netgear.com/support/product/ex6120/ EX6130 AC1200 WiFi Range Extender V1.0.0.54 https://www.netgear.com/support/product/ex6130/ MR60 Nighthawk Mesh WiFi 6 Router V1.1.7.132 https://www.netgear.com/support/product/mr60/ MR70 Nighthawk Mesh WiFi 6 Router V1.0.3.28 https://www.netgear.com/support/product/mr70/ MR80 Nighthawk Tri-band Mesh WiFi 6 Router V1.1.7.14 https://www.netgear.com/support/product/mr80/ MS60 Nighthawk Mesh WiFi 6 Add-on Satellite V1.1.7.132 https://www.netgear.com/support/product/ms60/ MS70 Nighthawk Mesh WiFi 6 Add-on Satellite V1.0.3.28 https://www.netgear.com/support/product/ms70/ MS80 Nighthawk Tri-band Mesh WiFi 6 Add-on Satellite V1.1.7.14 https://www.netgear.com/support/product/ms80/ R6400v2 (EoS) AC1750 Smart WiFi Router 802.11ac Dual Band Gigabit V1.0.4.128 https://www.netgear.com/support/product/r6400v2/ R6700v3 (EoS) Nighthawk AC1750 Smart WiFi Dual Band Gigabit Router V1.0.4.128 https://www.netgear.com/support/product/r6700v3/ R6900P (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r6900p/ R7000 (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.0.11.216 https://www.netgear.com/support/product/r7000/ R7000P (EoS) Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router V1.3.3.152 https://www.netgear.com/support/product/r7000p/ R7960P (EoS) Nighthawk X6S AC3600 Tri-Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r7960p/ R8000P (EoS) Nighthawk X6S AC4000 Tri Band WiFi Router V1.4.4.92 https://www.netgear.com/support/product/r8000p/ R8500 (EoS) Nighthawk X8 AC5300 Smart WiFi RouterEOSRAX20 (EoS) 4-Stream AX1800 WiFi 6 Router V1.0.18.144 https://www.netgear.com/support/product/rax20/ RAX35v2 Nighthawk AX4 4-Stream AX3000 WiFi 6 Router V1.0.12.118 https://www.netgear.com/support/product/rax35v2/ RAX40v2 Nighthawk AX4 4-Stream WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax40v2/ RAX41 (EoS) Nighthawk AX5 5-Stream AX3600 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax41/ RAX42 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax42/ RAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.12.120 https://www.netgear.com/support/product/rax43/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.12.118 https://www.netgear.com/support/product/rax45/ RAX48 Nighthawk AX6 6-Stream AX5200 WiFi 6 Router V1.0.12.118 https://www.netgear.com/support/product/rax48/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50/ RAX50S Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.12.120 https://www.netgear.com/support/product/rax50s/ RAXE450 Nighthawk AXE10000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe450/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.0.10.86 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.0.0.68 https://www.netgear.com/support/product/xr1000/ \n\nModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-9210",
"datePublished": "2026-06-09T15:50:48.947Z",
"dateReserved": "2026-05-21T17:29:00.866Z",
"dateUpdated": "2026-06-11T05:38:03.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0410 (GCVE-0-2026-0410)
Vulnerability from cvelistv5 – Published: 2026-06-09 15:41 – Updated: 2026-06-10 15:24
VLAI
Title
Insufficient input validation in certain NETGEAR routers
Summary
Authenticated administrators connected to the local network can gain
elevated access to the router and make unauthorized changes to router
software and functionality.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Insufficient input validation
Assigner
References
20 references
Impacted products
20 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | R7000 |
Affected:
0 , < V1.0.11.216
(custom)
|
|
| NETGEAR | RAX20 |
Affected:
0 , < V1.0.18.144
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX41 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX41v2 |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX42v2 |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX43v2 |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX49S |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX50S |
Affected:
0 , < V1.0.16.132
(custom)
|
|
| NETGEAR | RAX50v2 |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAX54Sv2 |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAX54v2 |
Affected:
0 , < V1.1.4.28
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.2.14.114
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.2.14.114
(custom)
|
|
| NETGEAR | XR1000 |
Affected:
0 , < V1.1.0.22
(custom)
|
|
| NETGEAR | XR1000v2 |
Affected:
0 , < V1.1.0.22
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0410",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T17:27:32.030390Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T18:40:24.087Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "R7000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.11.216",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX20",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.18.144",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX49S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.16.132",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX54Sv2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX54v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.4.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.2.14.114",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.2.14.114",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.0.22",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XR1000v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.0.22",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SmallS"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAuthenticated administrators connected to the local network can gain \nelevated access to the router and make unauthorized changes to router \nsoftware and functionality.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Authenticated administrators connected to the local network can gain \nelevated access to the router and make unauthorized changes to router \nsoftware and functionality."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 1.9,
"baseSeverity": "LOW",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Insufficient input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T15:24:02.912Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax20/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/r7000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax54sv2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/xr1000v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50v2/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax49s/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eR7000 (EoS)\u003c/b\u003e Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/r7000/\"\u003eV1.0.11.216\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX20 (EoS)\u003c/b\u003e 4-Stream AX1800 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax20/\"\u003eV1.0.18.144\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX35v2\u003c/b\u003e Nighthawk AX4 4-Stream AX3000 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax35v2/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX41 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX3600 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax41/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX41v2\u003c/b\u003e Nighthawk AX5 5-Stream AX3600 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax41v2/\"\u003eV1.1.4.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX42v2\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax42v2/\"\u003eV1.1.4.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43 (EoS)\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX43v2\u003c/b\u003e Nighthawk AX5 5-Stream AX4200 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax43v2/\"\u003eV1.1.4.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX45 (EoS)\u003c/b\u003e Nighthawk AX6 6-Stream AX4300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax45/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX49S\u003c/b\u003e Nighthawk AX6 6-Stream AX5300 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax49s/\"\u003eV1.1.4.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50S\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50s/\"\u003eV1.0.16.132\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX50v2\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax50v2/\"\u003eV1.1.4.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX54Sv2\u003c/b\u003e Nighthawk AX6 6-Stream AX5400 WiFi Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax54sv2/\"\u003eV1.1.4.28\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX54v2\u003c/b\u003e\u003c/td\u003e\u003ctd\u003eV1.1.4.28\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE450\u003c/b\u003e Nighthawk AXE10000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe450/\"\u003eV1.2.14.114\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE500\u003c/b\u003e Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe500/\"\u003eV1.2.14.114\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000/\"\u003eV1.1.0.22\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000v2\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000v2/\"\u003eV1.1.0.22\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003eModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionR7000 (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.0.11.216 https://www.netgear.com/support/product/r7000/ RAX20 (EoS) 4-Stream AX1800 WiFi 6 Router V1.0.18.144 https://www.netgear.com/support/product/rax20/ RAX35v2 Nighthawk AX4 4-Stream AX3000 WiFi 6 Router V1.0.16.132 https://www.netgear.com/support/product/rax35v2/ RAX41 (EoS) Nighthawk AX5 5-Stream AX3600 WiFi Router V1.0.16.132 https://www.netgear.com/support/product/rax41/ RAX41v2 Nighthawk AX5 5-Stream AX3600 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax41v2/ RAX42 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.16.132 https://www.netgear.com/support/product/rax42/ RAX42v2 Nighthawk AX5 5-Stream AX4200 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax42v2/ RAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.16.132 https://www.netgear.com/support/product/rax43/ RAX43v2 Nighthawk AX5 5-Stream AX4200 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax43v2/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.16.132 https://www.netgear.com/support/product/rax45/ RAX49S Nighthawk AX6 6-Stream AX5300 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax49s/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.16.132 https://www.netgear.com/support/product/rax50/ RAX50S Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.16.132 https://www.netgear.com/support/product/rax50s/ RAX50v2 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.1.4.28 https://www.netgear.com/support/product/rax50v2/ RAX54Sv2 Nighthawk AX6 6-Stream AX5400 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax54sv2/ RAX54v2V1.1.4.28RAXE450 Nighthawk AXE10000 Tri-Band WiFi 6E Router V1.2.14.114 https://www.netgear.com/support/product/raxe450/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.2.14.114 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.1.0.22 https://www.netgear.com/support/product/xr1000/ XR1000v2 Nighthawk WiFi 6 Pro Gaming Router V1.1.0.22 https://www.netgear.com/support/product/xr1000v2/ \n\nModels marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient input validation in certain NETGEAR routers",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0410",
"datePublished": "2026-06-09T15:41:47.808Z",
"dateReserved": "2025-12-03T04:16:17.013Z",
"dateUpdated": "2026-06-10T15:24:02.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12946 (GCVE-0-2025-12946)
Vulnerability from cvelistv5 – Published: 2025-12-09 17:02 – Updated: 2026-02-26 16:57
VLAI
Title
Improper input validation in NETGEAR Nighthawk routers
Summary
A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run.
This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46; RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
18 references
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | RS700 |
Affected:
0 , ≤ 1.0.7.82
(custom)
|
|
| NETGEAR | RAX54Sv2 |
Affected:
0 , < V1.1.6.36
(custom)
|
|
| NETGEAR | RAX41v2 |
Affected:
0 , < V1.1.6.36
(custom)
|
|
| NETGEAR | RAX50 |
Affected:
0 , < V1.2.14.114
(custom)
|
|
| NETGEAR | RAXE500 |
Affected:
0 , < V1.2.14.114
(custom)
|
|
| NETGEAR | RAX41 |
Affected:
0 , < V1.0.17.142
(custom)
|
|
| NETGEAR | RAX43 |
Affected:
0 , < V1.0.17.142
(custom)
|
|
| NETGEAR | RAX35v2 |
Affected:
0 , < V1.0.17.142
(custom)
|
|
| NETGEAR | RAXE450 |
Affected:
0 , < V1.2.14.114
(custom)
|
|
| NETGEAR | RAX43v2 |
Affected:
0 , < V1.1.6.36
(custom)
|
|
| NETGEAR | RAX42 |
Affected:
0 , < V1.0.17.142
(custom)
|
|
| NETGEAR | RAX45 |
Affected:
0 , < V1.0.17.142
(custom)
|
|
| NETGEAR | RAX50v2 |
Affected:
0 , < V1.1.6.36
(custom)
|
|
| NETGEAR | MR90 |
Affected:
0 , < V1.0.2.46
(custom)
|
|
| NETGEAR | RAX42v2 |
Affected:
0 , < V1.1.6.36
(custom)
|
|
| NETGEAR | RAX49S |
Affected:
0 , < V1.1.6.36
(custom)
|
|
| NETGEAR | MS90 |
Affected:
0 , < V1.0.2.46
(custom)
|
Date Public
2025-12-09 17:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12946",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-10T04:57:23.602151Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:57:03.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Speedtest"
],
"product": "RS700",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.0.7.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX54Sv2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.2.14.114",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE500",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.2.14.114",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX41",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX35v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE450",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.2.14.114",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX43v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX45",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.17.142",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX50v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MR90",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.2.46",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX42v2",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX49S",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.1.6.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS90",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.2.46",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rs700:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.7.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax54sv2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax41v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.2.14.114",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe500:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.2.14.114",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax41:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax43:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax35v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:raxe450:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.2.14.114",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax43v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax42:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax45:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.17.142",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr90:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.2.46",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax42v2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax49s:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.1.6.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms90:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.2.46",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "molybdenum"
}
],
"datePublic": "2025-12-09T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eA vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router\u0027s WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eThis issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46;\u202fRAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36. \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router\u0027s WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. \n\n\n\nThis issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46;\u202fRAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "AUTOMATIC",
"Safety": "NEGLIGIBLE",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/S:N/AU:N/R:A/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T19:35:39.538Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rs700"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax54sv2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/RAX50"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe500"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax41"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax35v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe450"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax43v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax45"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax50v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/mr90"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ms90"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax42v2"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax49s"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070416/December-2025-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have\nthis patch applied. If not, please check the firmware version and update it to\nthe latest.\u003cbr\u003e\n\u003cbr\u003e\n\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003eRS700 firmware V1.0.9.6 or later\u003c/p\u003e\u003cp\u003eRAX54Sv2/RAX45v2\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax54sv2\"\u003efirmware\u0026nbsp;V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX41v2\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax41v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX50\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX50\"\u003efirmware V1.2.14.114 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAXE500\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/raxe500\"\u003efirmware V1.2.14.114\u0026nbsp;or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX41 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax41\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX43 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax43\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX35v2 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX35v2\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAXE450 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAXE450\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX43v2 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX43v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX42 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX42\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX45\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX45\"\u003efirmware V1.0.17.142 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX50v2 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX50v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMR90 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/MR90\"\u003efirmware V1.0.2.46 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS90 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/MS90\"\u003efirmware V1.0.2.46 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX42v2 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX42v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003c/p\u003e\u003cp\u003eRAX49S \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/RAX42v2\"\u003efirmware V1.1.6.36 or later\u003c/a\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have\nthis patch applied. If not, please check the firmware version and update it to\nthe latest.\n\n\n\n\n\n\n\nFixed in:\n\nRS700 firmware V1.0.9.6 or later\n\nRAX54Sv2/RAX45v2\u00a0 firmware\u00a0V1.1.6.36 or later https://www.netgear.com/support/product/rax54sv2 \n\nRAX41v2\u00a0 firmware V1.1.6.36 or later https://www.netgear.com/support/product/rax41v2 \n\nRAX50\u00a0 firmware V1.2.14.114 or later https://www.netgear.com/support/product/RAX50 \n\nRAXE500\u00a0 firmware V1.2.14.114\u00a0or later https://www.netgear.com/support/product/raxe500 \n\nRAX41 firmware V1.0.17.142 or later https://www.netgear.com/support/product/rax41 \n\nRAX43 firmware V1.0.17.142 or later https://www.netgear.com/support/product/rax43 \n\nRAX35v2 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAX35v2 \n\nRAXE450 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAXE450 \n\nRAX43v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX43v2 \n\nRAX42 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAX42 \n\nRAX45\u00a0 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAX45 \n\nRAX50v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX50v2 \n\nMR90 firmware V1.0.2.46 or later https://www.netgear.com/support/product/MR90 \n\nMS90 firmware V1.0.2.46 or later https://www.netgear.com/support/product/MS90 \n\nRAX42v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX42v2 \n\nRAX49S firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX42v2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2025-12-09T16:00:00.000Z",
"value": "published"
}
],
"title": "Improper input validation in NETGEAR Nighthawk routers",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2025-12946",
"datePublished": "2025-12-09T17:02:20.739Z",
"dateReserved": "2025-11-10T08:26:32.586Z",
"dateUpdated": "2026-02-26T16:57:03.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
VAR-202110-1807
Vulnerability from variot - Updated: 2025-08-20 23:06NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1807",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "rax35v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "v6510-1fxaus",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.68"
},
{
"model": "raxe500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.8.70"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.80"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "rax38v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "ms80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.10"
},
{
"model": "rax48",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.70"
},
{
"model": "xr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.156"
},
{
"model": "rax40v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.76"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.106"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.126"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.128"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.30"
},
{
"model": "rax50s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "rax42",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.76"
},
{
"model": "raxe450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.8.70"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.156"
},
{
"model": "mr80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.10"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "d6220",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex3700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6120",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr1000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6130",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dc112a",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex3800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d7000v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dgn2200v4",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "v6510-1fxaus",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "multiple routers",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sungur Labs",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
}
],
"trust": 1.3
},
"cve": "CVE-2021-34983",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34983",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-021935",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34983",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-34983",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2021-021935",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2021-34983",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-2191",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34983"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "ZDI",
"id": "ZDI-21-1275"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34983",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-21-1275",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-13708",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"id": "VAR-202110-1807",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42902259035714285
},
"last_update_date": "2025-08-20T23:06:15.645000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167951"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "Lack of authentication for critical features (CWE-306) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000064313/security-advisory-for-pre-authentication-buffer-overflow-on-some-extenders-routers-and-dsl-modem-routers-psv-2021-0159"
},
{
"trust": 2.4,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-1275/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34983"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"date": "2025-08-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"date": "2021-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"date": "2024-05-07T23:15:13.573000",
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"date": "2025-08-18T05:10:00",
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"date": "2021-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"date": "2025-08-14T01:40:56.983000",
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability related to lack of authentication for important functions in multiple NETGEAR products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
}
],
"trust": 0.6
}
}
VAR-202110-1806
Vulnerability from variot - Updated: 2025-08-16 23:08NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the httpd service, which listens on TCP port 80 by default. When parsing the strings file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13709. DC112A firmware, EX3700 firmware, EX3800 Multiple Netgear products, including firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1806",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax35v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "v6510-1fxaus",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.68"
},
{
"model": "raxe500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.8.70"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.80"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "rax38v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "ms80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.10"
},
{
"model": "rax48",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.70"
},
{
"model": "xr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.156"
},
{
"model": "rax40v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.126"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.76"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.106"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "rax50s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.128"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.30"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "rax42",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.76"
},
{
"model": "raxe450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.8.70"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.156"
},
{
"model": "mr80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.10"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "mr80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6130",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dc112a",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex3800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7100lg",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6120",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex3700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "multiple routers",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sungur Labs",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
}
],
"trust": 1.3
},
"cve": "CVE-2021-34982",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34982",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-021931",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34982",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-34982",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2021-021931",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2021-34982",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-2193",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. When parsing the strings file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13709. DC112A firmware, EX3700 firmware, EX3800 Multiple Netgear products, including firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34982"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "ZDI",
"id": "ZDI-21-1274"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34982",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-21-1274",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-13709",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"id": "VAR-202110-1806",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4290225903571429
},
"last_update_date": "2025-08-16T23:08:29.384000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167952"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000064313/security-advisory-for-pre-authentication-buffer-overflow-on-some-extenders-routers-and-dsl-modem-routers-psv-2021-0159"
},
{
"trust": 2.4,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-1274/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34982"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"date": "2025-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"date": "2021-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"date": "2024-05-07T23:15:13.400000",
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"date": "2025-08-15T07:39:00",
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"date": "2021-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"date": "2025-08-14T01:41:19.343000",
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Out-of-bounds write vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
}
],
"trust": 0.6
}
}
VAR-202306-2270
Vulnerability from variot - Updated: 2025-08-10 23:12NETGEAR Multiple Routers curl_post Improper Certificate Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the update functionality, which operates over HTTPS. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-19981. (DoS) It may be in a state. NETGEAR Routers are a series of routers from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202306-2270",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.15.128"
},
{
"model": "rax50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax50 firmware 1.0.15.128"
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "multiple routers",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
},
{
"model": "routers",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-893"
},
{
"db": "CNVD",
"id": "CNVD-2025-11214"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029514"
},
{
"db": "NVD",
"id": "CVE-2023-35721"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zach Hanley (@hacks_zach) of Horizon3 A.I.",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-893"
}
],
"trust": 0.7
},
"cve": "CVE-2023-35721",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2025-11214",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2023-35721",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-35721",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-35721",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2023-35721",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-35721",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-35721",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-35721",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2023-35721",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-11214",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-893"
},
{
"db": "CNVD",
"id": "CNVD-2025-11214"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029514"
},
{
"db": "NVD",
"id": "CVE-2023-35721"
},
{
"db": "NVD",
"id": "CVE-2023-35721"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR Multiple Routers curl_post Improper Certificate Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the update functionality, which operates over HTTPS. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-19981. (DoS) It may be in a state. NETGEAR Routers are a series of routers from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-35721"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029514"
},
{
"db": "ZDI",
"id": "ZDI-23-893"
},
{
"db": "CNVD",
"id": "CNVD-2025-11214"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-35721",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-23-893",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029514",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19981",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-11214",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-893"
},
{
"db": "CNVD",
"id": "CNVD-2025-11214"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029514"
},
{
"db": "NVD",
"id": "CVE-2023-35721"
}
]
},
"id": "VAR-202306-2270",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11214"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11214"
}
]
},
"last_update_date": "2025-08-10T23:12:14.805000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000065668/Security-Advisory-for-Improper-Remote-Server-Certificate-Validation-on-the-RAX50-PSV-2023-0019"
},
{
"title": "Patch for NETGEAR Routers Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/692186"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-893"
},
{
"db": "CNVD",
"id": "CNVD-2025-11214"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.0
},
{
"problemtype": "Illegal certificate verification (CWE-295) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029514"
},
{
"db": "NVD",
"id": "CVE-2023-35721"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000065668/security-advisory-for-improper-remote-server-certificate-validation-on-the-rax50-psv-2023-0019"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-893/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-35721"
},
{
"trust": 0.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-35721"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-893"
},
{
"db": "CNVD",
"id": "CNVD-2025-11214"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029514"
},
{
"db": "NVD",
"id": "CVE-2023-35721"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-893"
},
{
"db": "CNVD",
"id": "CNVD-2025-11214"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029514"
},
{
"db": "NVD",
"id": "CVE-2023-35721"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-30T00:00:00",
"db": "ZDI",
"id": "ZDI-23-893"
},
{
"date": "2025-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11214"
},
{
"date": "2025-08-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029514"
},
{
"date": "2024-05-03T02:15:34.800000",
"db": "NVD",
"id": "CVE-2023-35721"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-30T00:00:00",
"db": "ZDI",
"id": "ZDI-23-893"
},
{
"date": "2025-05-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11214"
},
{
"date": "2025-08-08T08:17:00",
"db": "JVNDB",
"id": "JVNDB-2023-029514"
},
{
"date": "2025-08-07T14:44:37.740000",
"db": "NVD",
"id": "CVE-2023-35721"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX50\u00a0 Certificate validation vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029514"
}
],
"trust": 0.8
}
}
VAR-202203-1671
Vulnerability from variot - Updated: 2025-08-06 22:55This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the name or email field provided to libreadycloud.so. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15874. cax80 firmware, LAX20 firmware, MR60 For multiple Netgear products such as firmware, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR R6700v3 is a Nighthawk AC1750 Smart Dual-Band Gigabit Router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202203-1671",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.34"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.126"
},
{
"model": "rax42",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.126"
},
{
"model": "rax50s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax48",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "mr80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.14"
},
{
"model": "ms80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.14"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.124"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.84"
},
{
"model": "rax40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.86"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.124"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax38",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.134"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "cax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.1.3.7"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.84"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "rax35",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7960p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax15",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
},
{
"model": "r6700v3 1.0.4.120 10.0.91",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bugscale team",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
}
],
"trust": 1.3
},
"cve": "CVE-2022-27647",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CNVD-2025-17534",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2022-27647",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2022-27647",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2022-27647",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2022-27647",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2022-27647",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-27647",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2022-27647",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-17534",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202203-2064",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the name or email field provided to libreadycloud.so. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15874. cax80 firmware, LAX20 firmware, MR60 For multiple Netgear products such as firmware, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR R6700v3 is a Nighthawk AC1750 Smart Dual-Band Gigabit Router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-27647"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "VULMON",
"id": "CVE-2022-27647"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-27647",
"trust": 4.6
},
{
"db": "ZDI",
"id": "ZDI-22-524",
"trust": 3.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15874",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-17534",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022032410",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-27647",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "VULMON",
"id": "CVE-2022-27647"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"id": "VAR-202203-1671",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-17534"
}
],
"trust": 0.9457551631578947
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-17534"
}
]
},
"last_update_date": "2025-08-06T22:55:28.120000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
},
{
"title": "Patch for NETGEAR R6700v3 Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/713026"
},
{
"title": "NETGEAR R6700v3 Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=231217"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-22-524/"
},
{
"trust": 3.2,
"url": "https://kb.netgear.com/000064723/security-advisory-for-multiple-vulnerabilities-on-multiple-products-psv-2021-0327"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27647"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-27647/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022032410"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "VULMON",
"id": "CVE-2022-27647"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"db": "VULMON",
"id": "CVE-2022-27647"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
},
{
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"date": "2025-07-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"date": "2023-03-29T00:00:00",
"db": "VULMON",
"id": "CVE-2022-27647"
},
{
"date": "2023-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"date": "2022-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2064"
},
{
"date": "2023-03-29T19:15:08.773000",
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "ZDI",
"id": "ZDI-22-524"
},
{
"date": "2025-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-17534"
},
{
"date": "2023-03-30T00:00:00",
"db": "VULMON",
"id": "CVE-2022-27647"
},
{
"date": "2023-11-15T03:22:00",
"db": "JVNDB",
"id": "JVNDB-2022-022073"
},
{
"date": "2023-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2064"
},
{
"date": "2023-04-06T15:05:39.393000",
"db": "NVD",
"id": "CVE-2022-27647"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "in multiple NETGEAR products. \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022073"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2064"
}
],
"trust": 0.6
}
}
VAR-202203-1668
Vulnerability from variot - Updated: 2025-08-06 22:55This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-15854. cax80 firmware, LAX20 firmware, MR60 Multiple Netgear products, including firmware, contain vulnerabilities related to unauthorized authentication.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR R6700v3 is the Nighthawk AC1750 Smart Dual-Band Gigabit Router from NETGEAR
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202203-1668",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.34"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.126"
},
{
"model": "rax42",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.126"
},
{
"model": "rax50s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax48",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "mr80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.14"
},
{
"model": "ms80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.14"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.124"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.84"
},
{
"model": "rax40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.86"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.124"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax38",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.134"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.3.88"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "cax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.1.3.7"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.84"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.138"
},
{
"model": "rax35",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.10.110"
},
{
"model": "r7960p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax15",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
},
{
"model": "r6700v3 1.0.4.120 10.0.91",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bugscale team",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
}
],
"trust": 1.3
},
"cve": "CVE-2022-27642",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2025-17536",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2022-27642",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2022-27642",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-27642",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2022-27642",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2022-27642",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2022-27642",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-27642",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2022-27642",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2025-17536",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202203-2054",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-15854. cax80 firmware, LAX20 firmware, MR60 Multiple Netgear products, including firmware, contain vulnerabilities related to unauthorized authentication.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The NETGEAR R6700v3 is the Nighthawk AC1750 Smart Dual-Band Gigabit Router from NETGEAR",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-27642"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "VULMON",
"id": "CVE-2022-27642"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-27642",
"trust": 4.6
},
{
"db": "ZDI",
"id": "ZDI-22-518",
"trust": 3.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15854",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2025-17536",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022032410",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-27642",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "VULMON",
"id": "CVE-2022-27642"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"id": "VAR-202203-1668",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-17536"
}
],
"trust": 0.9457551631578947
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-17536"
}
]
},
"last_update_date": "2025-08-06T22:55:28.048000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
},
{
"title": "Patch for NETGEAR R6700v3 Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/713036"
},
{
"title": "NETGEAR R6700v3 Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=232028"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.0
},
{
"problemtype": "Illegal authentication (CWE-863) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-22-518/"
},
{
"trust": 3.2,
"url": "https://kb.netgear.com/000064723/security-advisory-for-multiple-vulnerabilities-on-multiple-products-psv-2021-0327"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27642"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-27642/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022032410"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/863.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "VULMON",
"id": "CVE-2022-27642"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "VULMON",
"id": "CVE-2022-27642"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
},
{
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"date": "2025-07-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"date": "2023-03-29T00:00:00",
"db": "VULMON",
"id": "CVE-2022-27642"
},
{
"date": "2023-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"date": "2022-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2054"
},
{
"date": "2023-03-29T19:15:08.407000",
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "ZDI",
"id": "ZDI-22-518"
},
{
"date": "2025-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"date": "2023-03-30T00:00:00",
"db": "VULMON",
"id": "CVE-2022-27642"
},
{
"date": "2023-11-14T04:15:00",
"db": "JVNDB",
"id": "JVNDB-2022-021793"
},
{
"date": "2023-04-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2054"
},
{
"date": "2023-04-05T14:53:25.610000",
"db": "NVD",
"id": "CVE-2022-27642"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR R6700v3 Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-17536"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2054"
}
],
"trust": 0.6
}
}
VAR-202505-0219
Vulnerability from variot - Updated: 2025-05-30 23:29NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. An attacker can exploit this vulnerability to execute arbitrary commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202505-0219",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax50",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.26"
},
{
"model": "rax50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax50 firmware 1.0.2.26"
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax5",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.26"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11067"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004462"
},
{
"db": "NVD",
"id": "CVE-2024-57234"
}
]
},
"cve": "CVE-2024-57234",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-11067",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57234",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57234",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2024-57234",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2024-57234",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-57234",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2024-57234",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-11067",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11067"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004462"
},
{
"db": "NVD",
"id": "CVE-2024-57234"
},
{
"db": "NVD",
"id": "CVE-2024-57234"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. An attacker can exploit this vulnerability to execute arbitrary commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-57234"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004462"
},
{
"db": "CNVD",
"id": "CNVD-2025-11067"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-57234",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004462",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-11067",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11067"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004462"
},
{
"db": "NVD",
"id": "CVE-2024-57234"
}
]
},
"id": "VAR-202505-0219",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11067"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11067"
}
]
},
"last_update_date": "2025-05-30T23:29:21.307000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR RAX5 apcli_cancel_wps function command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/692071"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11067"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": " Command injection (CWE-77) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004462"
},
{
"db": "NVD",
"id": "CVE-2024-57234"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/yanggao017/vuln/blob/main/netgear/rax5/ci_5_apcli_cancel_wps/readme.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-57234"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11067"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004462"
},
{
"db": "NVD",
"id": "CVE-2024-57234"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-11067"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004462"
},
{
"db": "NVD",
"id": "CVE-2024-57234"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11067"
},
{
"date": "2025-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-004462"
},
{
"date": "2025-05-05T17:18:46.403000",
"db": "NVD",
"id": "CVE-2024-57234"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11067"
},
{
"date": "2025-05-08T06:40:00",
"db": "JVNDB",
"id": "JVNDB-2025-004462"
},
{
"date": "2025-05-07T16:42:00.667000",
"db": "NVD",
"id": "CVE-2024-57234"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX50\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004462"
}
],
"trust": 0.8
}
}
VAR-202505-0242
Vulnerability from variot - Updated: 2025-05-30 23:23NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. An attacker can exploit this vulnerability to execute arbitrary commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202505-0242",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax50",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.26"
},
{
"model": "rax50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax50 firmware 1.0.2.26"
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax5",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.26"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11069"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004454"
},
{
"db": "NVD",
"id": "CVE-2024-57232"
}
]
},
"cve": "CVE-2024-57232",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-11069",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57232",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57232",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2024-57232",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2024-57232",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-57232",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2024-57232",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-11069",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11069"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004454"
},
{
"db": "NVD",
"id": "CVE-2024-57232"
},
{
"db": "NVD",
"id": "CVE-2024-57232"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. An attacker can exploit this vulnerability to execute arbitrary commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-57232"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004454"
},
{
"db": "CNVD",
"id": "CNVD-2025-11069"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-57232",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004454",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-11069",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11069"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004454"
},
{
"db": "NVD",
"id": "CVE-2024-57232"
}
]
},
"id": "VAR-202505-0242",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11069"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11069"
}
]
},
"last_update_date": "2025-05-30T23:23:08.201000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR RAX5 apcli_wps_gen_pincode function command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/692091"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11069"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [ others ]",
"trust": 0.8
},
{
"problemtype": " Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004454"
},
{
"db": "NVD",
"id": "CVE-2024-57232"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/yanggao017/vuln/blob/main/netgear/rax5/ci_6_apcli_wps_gen_pincode/readme.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-57232"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11069"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004454"
},
{
"db": "NVD",
"id": "CVE-2024-57232"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-11069"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004454"
},
{
"db": "NVD",
"id": "CVE-2024-57232"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11069"
},
{
"date": "2025-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-004454"
},
{
"date": "2025-05-05T17:18:46.140000",
"db": "NVD",
"id": "CVE-2024-57232"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11069"
},
{
"date": "2025-05-08T05:48:00",
"db": "JVNDB",
"id": "JVNDB-2025-004454"
},
{
"date": "2025-05-07T16:41:38.867000",
"db": "NVD",
"id": "CVE-2024-57232"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX50\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004454"
}
],
"trust": 0.8
}
}
VAR-202505-0171
Vulnerability from variot - Updated: 2025-05-30 23:22NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. Attackers can exploit this vulnerability to execute arbitrary commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202505-0171",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax50",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.26"
},
{
"model": "rax50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax50 firmware 1.0.2.26"
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax5",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.26"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11071"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004427"
},
{
"db": "NVD",
"id": "CVE-2024-57233"
}
]
},
"cve": "CVE-2024-57233",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-11071",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57233",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57233",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2024-57233",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2024-57233",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-57233",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2024-57233",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-11071",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11071"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004427"
},
{
"db": "NVD",
"id": "CVE-2024-57233"
},
{
"db": "NVD",
"id": "CVE-2024-57233"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. Attackers can exploit this vulnerability to execute arbitrary commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-57233"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004427"
},
{
"db": "CNVD",
"id": "CNVD-2025-11071"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-57233",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004427",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-11071",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11071"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004427"
},
{
"db": "NVD",
"id": "CVE-2024-57233"
}
]
},
"id": "VAR-202505-0171",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11071"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11071"
}
]
},
"last_update_date": "2025-05-30T23:22:03.064000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR RAX5 vif_disable function command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/692101"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11071"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [ others ]",
"trust": 0.8
},
{
"problemtype": " Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004427"
},
{
"db": "NVD",
"id": "CVE-2024-57233"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/yanggao017/vuln/blob/main/netgear/rax5/ci_1_vif_disable/readme.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-57233"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11071"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004427"
},
{
"db": "NVD",
"id": "CVE-2024-57233"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-11071"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004427"
},
{
"db": "NVD",
"id": "CVE-2024-57233"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11071"
},
{
"date": "2025-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-004427"
},
{
"date": "2025-05-05T17:18:46.273000",
"db": "NVD",
"id": "CVE-2024-57233"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11071"
},
{
"date": "2025-05-08T04:42:00",
"db": "JVNDB",
"id": "JVNDB-2025-004427"
},
{
"date": "2025-05-07T16:41:55.083000",
"db": "NVD",
"id": "CVE-2024-57233"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX50\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004427"
}
],
"trust": 0.8
}
}
VAR-202505-0127
Vulnerability from variot - Updated: 2025-05-30 23:21NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. Attackers can exploit this vulnerability to execute arbitrary commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202505-0127",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax50",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.26"
},
{
"model": "rax50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax50 firmware 1.0.2.26"
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax5",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.26"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11072"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004453"
},
{
"db": "NVD",
"id": "CVE-2024-57235"
}
]
},
"cve": "CVE-2024-57235",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-11072",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57235",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57235",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2024-57235",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2024-57235",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-57235",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2024-57235",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-11072",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11072"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004453"
},
{
"db": "NVD",
"id": "CVE-2024-57235"
},
{
"db": "NVD",
"id": "CVE-2024-57235"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. Attackers can exploit this vulnerability to execute arbitrary commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-57235"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004453"
},
{
"db": "CNVD",
"id": "CNVD-2025-11072"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-57235",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004453",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-11072",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11072"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004453"
},
{
"db": "NVD",
"id": "CVE-2024-57235"
}
]
},
"id": "VAR-202505-0127",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11072"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11072"
}
]
},
"last_update_date": "2025-05-30T23:21:28.022000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR RAX5 vif_enable function command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/692111"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11072"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [ others ]",
"trust": 0.8
},
{
"problemtype": " Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004453"
},
{
"db": "NVD",
"id": "CVE-2024-57235"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/yanggao017/vuln/blob/main/netgear/rax5/ci_2_vif_enable/readme.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-57235"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11072"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004453"
},
{
"db": "NVD",
"id": "CVE-2024-57235"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-11072"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004453"
},
{
"db": "NVD",
"id": "CVE-2024-57235"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11072"
},
{
"date": "2025-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-004453"
},
{
"date": "2025-05-05T17:18:46.530000",
"db": "NVD",
"id": "CVE-2024-57235"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11072"
},
{
"date": "2025-05-08T05:48:00",
"db": "JVNDB",
"id": "JVNDB-2025-004453"
},
{
"date": "2025-05-07T16:42:10.703000",
"db": "NVD",
"id": "CVE-2024-57235"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX50\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004453"
}
],
"trust": 0.8
}
}
VAR-202505-0243
Vulnerability from variot - Updated: 2025-05-30 23:20NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. The vulnerability is caused by improper processing of the ifname parameter in the apcli_do_enr_pin_wps function. Attackers can exploit this vulnerability to launch attacks, causing the system to be damaged or controlled
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202505-0243",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax50",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.26"
},
{
"model": "rax50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax50 firmware 1.0.2.26"
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax5",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.26"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11084"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004428"
},
{
"db": "NVD",
"id": "CVE-2024-57230"
}
]
},
"cve": "CVE-2024-57230",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-11084",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57230",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57230",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2024-57230",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2024-57230",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-57230",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2024-57230",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-11084",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11084"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004428"
},
{
"db": "NVD",
"id": "CVE-2024-57230"
},
{
"db": "NVD",
"id": "CVE-2024-57230"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. The vulnerability is caused by improper processing of the ifname parameter in the apcli_do_enr_pin_wps function. Attackers can exploit this vulnerability to launch attacks, causing the system to be damaged or controlled",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-57230"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004428"
},
{
"db": "CNVD",
"id": "CNVD-2025-11084"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-57230",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004428",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-11084",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11084"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004428"
},
{
"db": "NVD",
"id": "CVE-2024-57230"
}
]
},
"id": "VAR-202505-0243",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11084"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11084"
}
]
},
"last_update_date": "2025-05-30T23:20:16.528000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR RAX50 Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/692126"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11084"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [ others ]",
"trust": 0.8
},
{
"problemtype": " Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004428"
},
{
"db": "NVD",
"id": "CVE-2024-57230"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/yanggao017/vuln/blob/main/netgear/rax5/ci_3_apcli_do_enr_pin_wps/readme.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-57230"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11084"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004428"
},
{
"db": "NVD",
"id": "CVE-2024-57230"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-11084"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004428"
},
{
"db": "NVD",
"id": "CVE-2024-57230"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11084"
},
{
"date": "2025-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-004428"
},
{
"date": "2025-05-05T17:18:45.873000",
"db": "NVD",
"id": "CVE-2024-57230"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11084"
},
{
"date": "2025-05-08T04:42:00",
"db": "JVNDB",
"id": "JVNDB-2025-004428"
},
{
"date": "2025-05-07T16:41:09.757000",
"db": "NVD",
"id": "CVE-2024-57230"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX50\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004428"
}
],
"trust": 0.8
}
}
VAR-202505-0152
Vulnerability from variot - Updated: 2025-05-30 23:16NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. An attacker can exploit this vulnerability to execute arbitrary commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202505-0152",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax50",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.26"
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax50 firmware 1.0.2.26"
},
{
"model": "rax50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax5",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.26"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11068"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004542"
},
{
"db": "NVD",
"id": "CVE-2024-57231"
}
]
},
"cve": "CVE-2024-57231",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-11068",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57231",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57231",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2024-57231",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2024-57231",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-57231",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2024-57231",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-11068",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11068"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004542"
},
{
"db": "NVD",
"id": "CVE-2024-57231"
},
{
"db": "NVD",
"id": "CVE-2024-57231"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. An attacker can exploit this vulnerability to execute arbitrary commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-57231"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004542"
},
{
"db": "CNVD",
"id": "CNVD-2025-11068"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-57231",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004542",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-11068",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11068"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004542"
},
{
"db": "NVD",
"id": "CVE-2024-57231"
}
]
},
"id": "VAR-202505-0152",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11068"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11068"
}
]
},
"last_update_date": "2025-05-30T23:16:45.171000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR RAX5 apcli_do_enr_pbc_wps function command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/692081"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11068"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": " Command injection (CWE-77) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004542"
},
{
"db": "NVD",
"id": "CVE-2024-57231"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/yanggao017/vuln/blob/main/netgear/rax5/ci_4_apcli_do_enr_pbc_wps/readme.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-57231"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11068"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004542"
},
{
"db": "NVD",
"id": "CVE-2024-57231"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-11068"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004542"
},
{
"db": "NVD",
"id": "CVE-2024-57231"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11068"
},
{
"date": "2025-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-004542"
},
{
"date": "2025-05-05T17:18:46",
"db": "NVD",
"id": "CVE-2024-57231"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11068"
},
{
"date": "2025-05-09T00:50:00",
"db": "JVNDB",
"id": "JVNDB-2025-004542"
},
{
"date": "2025-05-07T16:41:31.933000",
"db": "NVD",
"id": "CVE-2024-57231"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX50\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004542"
}
],
"trust": 0.8
}
}
VAR-202505-0151
Vulnerability from variot - Updated: 2025-05-30 23:07NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. An attacker can exploit this vulnerability to execute arbitrary commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202505-0151",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax50",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.26"
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": "rax50 firmware 1.0.2.26"
},
{
"model": "rax50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax50",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax5",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.2.26"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11070"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004543"
},
{
"db": "NVD",
"id": "CVE-2024-57229"
}
]
},
"cve": "CVE-2024-57229",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-11070",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57229",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57229",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2024-57229",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2024-57229",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-57229",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2024-57229",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-11070",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11070"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004543"
},
{
"db": "NVD",
"id": "CVE-2024-57229"
},
{
"db": "NVD",
"id": "CVE-2024-57229"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. of netgear RAX50 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX5 is a wireless router from NETGEAR. An attacker can exploit this vulnerability to execute arbitrary commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-57229"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004543"
},
{
"db": "CNVD",
"id": "CNVD-2025-11070"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-57229",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004543",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-11070",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11070"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004543"
},
{
"db": "NVD",
"id": "CVE-2024-57229"
}
]
},
"id": "VAR-202505-0151",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11070"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11070"
}
]
},
"last_update_date": "2025-05-30T23:07:03.192000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR RAX5 reset_wifi function command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/692096"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11070"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": " Command injection (CWE-77) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004543"
},
{
"db": "NVD",
"id": "CVE-2024-57229"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/yanggao017/vuln/blob/main/netgear/rax5/ci_7_reset_wifi/readme.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-57229"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11070"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004543"
},
{
"db": "NVD",
"id": "CVE-2024-57229"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-11070"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-004543"
},
{
"db": "NVD",
"id": "CVE-2024-57229"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11070"
},
{
"date": "2025-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-004543"
},
{
"date": "2025-05-05T17:18:45.743000",
"db": "NVD",
"id": "CVE-2024-57229"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11070"
},
{
"date": "2025-05-09T00:50:00",
"db": "JVNDB",
"id": "JVNDB-2025-004543"
},
{
"date": "2025-05-07T16:40:47.043000",
"db": "NVD",
"id": "CVE-2024-57229"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of netgear \u00a0RAX50\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-004543"
}
],
"trust": 0.8
}
}
VAR-202112-2278
Vulnerability from variot - Updated: 2024-11-23 23:11Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.62, EX7500 before 1.0.0.72, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.4.120, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.4.120, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.4.120, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with. This affects CBR40 prior to 2.5.0.10, EAX80 prior to 1.0.1.62, EX7500 prior to 1.0.0.72, R7900 prior to 1.0.4.38, R8000 prior to 1.0.4.68, RAX200 prior to 1.0.4.120, RBS40V prior to 2.6.1.4, RBW30 prior to 2.6.1.4, MR60 prior to 1.0.6.110, RAX20 prior to 1.0.2.82, RAX45 prior to 1.0.2.72, RAX80 prior to 1.0.4.120, MS60 prior to 1.0.6.110, RAX15 prior to 1.0.2.82, RAX50 prior to 1.0.2.72, RAX75 prior to 1.0.4.120, RBR750 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBK752 prior to 3.2.16.6, and RBK852 prior to 3.2.16.6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2278",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbs40v",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.4"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.72"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.38"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.68"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.82"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.110"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.110"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "rbw30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.4"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.82"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "eax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.72"
},
{
"model": "cbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.10"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax15",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax45",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbr750",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax75",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017027"
},
{
"db": "NVD",
"id": "CVE-2021-45671"
}
]
},
"cve": "CVE-2021-45671",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2021-45671",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.7,
"id": "CVE-2021-45671",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 0.7,
"id": "CVE-2021-45671",
"impactScore": 5.3,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.8,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2021-45671",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-45671",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-45671",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-45671",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202112-2465",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-45671",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45671"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017027"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2465"
},
{
"db": "NVD",
"id": "CVE-2021-45671"
},
{
"db": "NVD",
"id": "CVE-2021-45671"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.62, EX7500 before 1.0.0.72, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.4.120, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.4.120, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.4.120, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with. This affects CBR40 prior to 2.5.0.10, EAX80 prior to 1.0.1.62, EX7500 prior to 1.0.0.72, R7900 prior to 1.0.4.38, R8000 prior to 1.0.4.68, RAX200 prior to 1.0.4.120, RBS40V prior to 2.6.1.4, RBW30 prior to 2.6.1.4, MR60 prior to 1.0.6.110, RAX20 prior to 1.0.2.82, RAX45 prior to 1.0.2.72, RAX80 prior to 1.0.4.120, MS60 prior to 1.0.6.110, RAX15 prior to 1.0.2.82, RAX50 prior to 1.0.2.72, RAX75 prior to 1.0.4.120, RBR750 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBK752 prior to 3.2.16.6, and RBK852 prior to 3.2.16.6",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-45671"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017027"
},
{
"db": "VULMON",
"id": "CVE-2021-45671"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-45671",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017027",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2465",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-45671",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45671"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017027"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2465"
},
{
"db": "NVD",
"id": "CVE-2021-45671"
}
]
},
"id": "VAR-202112-2278",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.25279196375
},
"last_update_date": "2024-11-23T23:11:03.123000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Stored\u00a0Cross\u00a0Site\u00a0Scripting\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0261",
"trust": 0.8,
"url": "https://kb.netgear.com/000064482/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0261"
},
{
"title": "Netgear RBR750 and NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=175884"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017027"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2465"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
},
{
"problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017027"
},
{
"db": "NVD",
"id": "CVE-2021-45671"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000064482/security-advisory-for-stored-cross-site-scripting-on-some-routers-extenders-and-wifi-systems-psv-2020-0261"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45671"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45671"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017027"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2465"
},
{
"db": "NVD",
"id": "CVE-2021-45671"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-45671"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017027"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2465"
},
{
"db": "NVD",
"id": "CVE-2021-45671"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45671"
},
{
"date": "2022-12-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017027"
},
{
"date": "2021-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2465"
},
{
"date": "2021-12-26T01:15:21.057000",
"db": "NVD",
"id": "CVE-2021-45671"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-05T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45671"
},
{
"date": "2022-12-28T00:05:00",
"db": "JVNDB",
"id": "JVNDB-2021-017027"
},
{
"date": "2022-01-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2465"
},
{
"date": "2024-11-21T06:32:50.550000",
"db": "NVD",
"id": "CVE-2021-45671"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2465"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Cross-site scripting vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017027"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2465"
}
],
"trust": 0.6
}
}
VAR-202112-2327
Vulnerability from variot - Updated: 2024-11-23 23:07Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400 before 1.0.1.70, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects CBR40 prior to 2.5.0.24, CBR750 prior to 4.6.3.6, EAX20 prior to 1.0.0.58, EAX80 prior to 1.0.1.68, EX7500 prior to 1.0.0.74, LAX20 prior to 1.1.6.28, MK62 prior to 1.0.6.116, MR60 prior to 1.0.6.116, MS60 prior to 1.0.6.116, R6400 prior to 1.0.1.70, R6400v2 prior to 1.0.4.118, R6700v3 prior to 1.0.4.118, R6900P prior to 1.3.3.140, R7000 prior to 1.0.11.116, R7000P prior to 1.3.3.140, R7850 prior to 1.0.5.68, R7900 prior to 1.0.4.38, R7900P prior to 1.4.2.84, R7960P prior to 1.4.2.84, R8000 prior to 1.0.4.68, R8000P prior to 1.4.2.84, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX35v2 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RS400 prior to 1.5.1.80, XR1000 prior to 1.0.0.58, and XR300 prior to 1.0.3.68
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2327",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.116"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.116"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.68"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.118"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "eax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "eax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.68"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.80"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.140"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "cbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.24"
},
{
"model": "cbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "4.6.3.6"
},
{
"model": "xr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.38"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.28"
},
{
"model": "rax40v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.118"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.140"
},
{
"model": "rax35v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.68"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.116"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "mk62",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.116"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.68"
},
{
"model": "ex7500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "eax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbr750",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "eax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbr40",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mk62",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"cve": "CVE-2021-45622",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-45622",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-45622",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-45622",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-45622",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-45622",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-45622",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-45622",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202112-2418",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400 before 1.0.1.70, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects CBR40 prior to 2.5.0.24, CBR750 prior to 4.6.3.6, EAX20 prior to 1.0.0.58, EAX80 prior to 1.0.1.68, EX7500 prior to 1.0.0.74, LAX20 prior to 1.1.6.28, MK62 prior to 1.0.6.116, MR60 prior to 1.0.6.116, MS60 prior to 1.0.6.116, R6400 prior to 1.0.1.70, R6400v2 prior to 1.0.4.118, R6700v3 prior to 1.0.4.118, R6900P prior to 1.3.3.140, R7000 prior to 1.0.11.116, R7000P prior to 1.3.3.140, R7850 prior to 1.0.5.68, R7900 prior to 1.0.4.38, R7900P prior to 1.4.2.84, R7960P prior to 1.4.2.84, R8000 prior to 1.0.4.68, R8000P prior to 1.4.2.84, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX35v2 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RS400 prior to 1.5.1.80, XR1000 prior to 1.0.0.58, and XR300 prior to 1.0.3.68",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-45622"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "VULMON",
"id": "CVE-2021-45622"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-45622",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017541",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2418",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-45622",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45622"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"id": "VAR-202112-2327",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3053594013333333
},
"last_update_date": "2024-11-23T23:07:30.624000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Command\u00a0Injection\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0506",
"trust": 0.8,
"url": "https://kb.netgear.com/000064499/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0506"
},
{
"title": "Netgear RBR750 and NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176397"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000064509/security-advisory-for-pre-authentication-command-injection-on-some-routers-extender-wifi-systems-psv-2020-0506"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45622"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45622"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-45622"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45622"
},
{
"date": "2023-01-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"date": "2021-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2418"
},
{
"date": "2021-12-26T01:15:18.810000",
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45622"
},
{
"date": "2023-01-25T02:01:00",
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"date": "2022-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2418"
},
{
"date": "2024-11-21T06:32:42.160000",
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Command injection vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
}
],
"trust": 0.6
}
}
VAR-202103-1271
Vulnerability from variot - Updated: 2024-11-23 23:04Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. This affects R6700v3 prior to 1.0.4.98, R6400v2 prior to 1.0.4.98, R7000 prior to 1.0.11.106, R6900P prior to 1.3.2.124, R7000P prior to 1.3.2.124, R7900 prior to 1.0.4.26, R7850 prior to 1.0.5.60, R8000 prior to 1.0.4.58, RS400 prior to 1.5.0.48, R6400 prior to 1.0.1.62, R6700 prior to 1.0.2.16, R6900 prior to 1.0.2.16, MK60 prior to 1.0.5.102, MR60 prior to 1.0.5.102, MS60 prior to 1.0.5.102, CBR40 prior to 2.5.0.10, R8000P prior to 1.4.1.62, R7960P prior to 1.4.1.62, R7900P prior to 1.4.1.62, RAX15 prior to 1.0.1.64, RAX20 prior to 1.0.1.64, RAX75 prior to 1.0.3.102, RAX80 prior to 1.0.3.102, RAX200 prior to 1.0.2.102, RAX45 prior to 1.0.2.64, RAX50 prior to 1.0.2.64, EX7500 prior to 1.0.0.68, EAX80 prior to 1.0.1.62, EAX20 prior to 1.0.0.36, RBK752 prior to 3.2.16.6, RBK753 prior to 3.2.16.6, RBK753S prior to 3.2.16.6, RBK754 prior to 3.2.16.6, RBR750 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBK852 prior to 3.2.16.6, RBK853 prior to 3.2.16.6, RBK854 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBR840 prior to 3.2.16.6, RBS840 prior to 3.2.16.6, R6120 prior to 1.0.0.70, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6260 prior to 1.1.0.76, R6850 prior to 1.1.0.76, R6350 prior to 1.1.0.76, R6330 prior to 1.1.0.76, D7800 prior to 1.0.1.58, RBK50 prior to 2.6.1.40, RBR50 prior to 2.6.1.40, RBS50 prior to 2.6.1.40, RBK40 prior to 2.6.1.36, RBR40 prior to 2.6.1.36, RBS40 prior to 2.6.1.38, RBK23 prior to 2.6.1.36, RBR20 prior to 2.6.1.38, RBS20 prior to 2.6.1.38, RBK12 prior to 2.6.1.44, RBK13 prior to 2.6.1.44, RBK14 prior to 2.6.1.44, RBK15 prior to 2.6.1.44, RBR10 prior to 2.6.1.44, RBS10 prior to 2.6.1.44, R6800 prior to 1.2.0.72, R6900v2 prior to 1.2.0.72, R6700v2 prior to 1.2.0.72, R7200 prior to 1.2.0.72, R7350 prior to 1.2.0.72, R7400 prior to 1.2.0.72, R7450 prior to 1.2.0.72, AC2100 prior to 1.2.0.72, AC2400 prior to 1.2.0.72, AC2600 prior to 1.2.0.72, R7800 prior to 1.0.2.74, R8900 prior to 1.0.5.24, R9000 prior to 1.0.5.24, RAX120 prior to 1.0.1.136, XR450 prior to 2.3.2.66, XR500 prior to 2.3.2.66, XR700 prior to 1.0.1.34, and XR300 prior to 1.0.3.50
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202103-1271",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "r7400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7350",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "rbk12",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.36"
},
{
"model": "rbs10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "rax120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.136"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.24"
},
{
"model": "rbk854",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "eax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "ac2100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.50"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.58"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.64"
},
{
"model": "rbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "r6260",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.24"
},
{
"model": "rbk14",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "r6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "xr700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "rbk23",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.36"
},
{
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.66"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "rbk15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "ac2600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "rbs20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "cbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.10"
},
{
"model": "ac2400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "r6330",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.66"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.98"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.0.48"
},
{
"model": "r6350",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.98"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.106"
},
{
"model": "rbk13",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.60"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "eax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.58"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "rbk754",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.64"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6230",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.36"
},
{
"model": "r7450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "mk60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "rbr10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "r6900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7900",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"cve": "CVE-2021-29068",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2021-29068",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-29068",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"id": "CVE-2021-29068",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-29068",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-29068",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-29068",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-29068",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202103-1360",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-29068",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-29068"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. This affects R6700v3 prior to 1.0.4.98, R6400v2 prior to 1.0.4.98, R7000 prior to 1.0.11.106, R6900P prior to 1.3.2.124, R7000P prior to 1.3.2.124, R7900 prior to 1.0.4.26, R7850 prior to 1.0.5.60, R8000 prior to 1.0.4.58, RS400 prior to 1.5.0.48, R6400 prior to 1.0.1.62, R6700 prior to 1.0.2.16, R6900 prior to 1.0.2.16, MK60 prior to 1.0.5.102, MR60 prior to 1.0.5.102, MS60 prior to 1.0.5.102, CBR40 prior to 2.5.0.10, R8000P prior to 1.4.1.62, R7960P prior to 1.4.1.62, R7900P prior to 1.4.1.62, RAX15 prior to 1.0.1.64, RAX20 prior to 1.0.1.64, RAX75 prior to 1.0.3.102, RAX80 prior to 1.0.3.102, RAX200 prior to 1.0.2.102, RAX45 prior to 1.0.2.64, RAX50 prior to 1.0.2.64, EX7500 prior to 1.0.0.68, EAX80 prior to 1.0.1.62, EAX20 prior to 1.0.0.36, RBK752 prior to 3.2.16.6, RBK753 prior to 3.2.16.6, RBK753S prior to 3.2.16.6, RBK754 prior to 3.2.16.6, RBR750 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBK852 prior to 3.2.16.6, RBK853 prior to 3.2.16.6, RBK854 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBR840 prior to 3.2.16.6, RBS840 prior to 3.2.16.6, R6120 prior to 1.0.0.70, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6260 prior to 1.1.0.76, R6850 prior to 1.1.0.76, R6350 prior to 1.1.0.76, R6330 prior to 1.1.0.76, D7800 prior to 1.0.1.58, RBK50 prior to 2.6.1.40, RBR50 prior to 2.6.1.40, RBS50 prior to 2.6.1.40, RBK40 prior to 2.6.1.36, RBR40 prior to 2.6.1.36, RBS40 prior to 2.6.1.38, RBK23 prior to 2.6.1.36, RBR20 prior to 2.6.1.38, RBS20 prior to 2.6.1.38, RBK12 prior to 2.6.1.44, RBK13 prior to 2.6.1.44, RBK14 prior to 2.6.1.44, RBK15 prior to 2.6.1.44, RBR10 prior to 2.6.1.44, RBS10 prior to 2.6.1.44, R6800 prior to 1.2.0.72, R6900v2 prior to 1.2.0.72, R6700v2 prior to 1.2.0.72, R7200 prior to 1.2.0.72, R7350 prior to 1.2.0.72, R7400 prior to 1.2.0.72, R7450 prior to 1.2.0.72, AC2100 prior to 1.2.0.72, AC2400 prior to 1.2.0.72, AC2600 prior to 1.2.0.72, R7800 prior to 1.0.2.74, R8900 prior to 1.0.5.24, R9000 prior to 1.0.5.24, RAX120 prior to 1.0.1.136, XR450 prior to 2.3.2.66, XR500 prior to 2.3.2.66, XR700 prior to 1.0.1.34, and XR300 prior to 1.0.3.50",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-29068"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "VULMON",
"id": "CVE-2021-29068"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-29068",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005326",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1360",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-29068",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-29068"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"id": "VAR-202103-1271",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3117663121621622
},
"last_update_date": "2024-11-23T23:04:04.570000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Buffer\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems\u00a0,\u00a0PSV-2020-0155",
"trust": 0.8,
"url": "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155"
},
{
"title": "Netgear NETGEAR Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145681"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000063021/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-extenders-and-wifi-systems-psv-2020-0155"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-29068"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-29068"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-29068"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-23T00:00:00",
"db": "VULMON",
"id": "CVE-2021-29068"
},
{
"date": "2021-12-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"date": "2021-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-1360"
},
{
"date": "2021-03-23T07:15:13.297000",
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-29068"
},
{
"date": "2021-12-13T01:53:00",
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"date": "2021-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-1360"
},
{
"date": "2024-11-21T06:00:38.353000",
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
}
],
"trust": 0.6
}
}
VAR-202112-2302
Vulnerability from variot - Updated: 2024-11-23 23:03Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.68, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106. This affects EAX80 prior to 1.0.1.62, EX7000 prior to 1.0.1.104, R6120 prior to 1.0.0.76, R6220 prior to 1.1.0.110, R6230 prior to 1.1.0.110, R6260 prior to 1.1.0.78, R6850 prior to 1.1.0.78, R6350 prior to 1.1.0.78, R6330 prior to 1.1.0.78, R6800 prior to 1.2.0.76, R6900v2 prior to 1.2.0.76, R6700v2 prior to 1.2.0.76, R7000 prior to 1.0.11.116, R6900P prior to 1.3.3.140, R7000P prior to 1.3.3.140, R7200 prior to 1.2.0.76, R7350 prior to 1.2.0.76, R7400 prior to 1.2.0.76, R7450 prior to 1.2.0.76, AC2100 prior to 1.2.0.76, AC2400 prior to 1.2.0.76, AC2600 prior to 1.2.0.76, R7900 prior to 1.0.4.38, R7960P prior to 1.4.1.66, R8000 prior to 1.0.4.68, R7900P prior to 1.4.1.66, R8000P prior to 1.4.1.66, RAX15 prior to 1.0.2.82, RAX20 prior to 1.0.2.82, RAX200 prior to 1.0.3.106, RAX45 prior to 1.0.2.72, RAX50 prior to 1.0.2.72, RAX75 prior to 1.0.3.106, and RAX80 prior to 1.0.3.106
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2302",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.72"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.38"
},
{
"model": "ac2100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.76"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.106"
},
{
"model": "r7350",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.76"
},
{
"model": "r6350",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.78"
},
{
"model": "ac2400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.76"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.68"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.82"
},
{
"model": "ac2600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.76"
},
{
"model": "r7450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.76"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.140"
},
{
"model": "r6700v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.76"
},
{
"model": "r6330",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.78"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.76"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.66"
},
{
"model": "r7200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.76"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.116"
},
{
"model": "r6900v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.76"
},
{
"model": "r6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.66"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.82"
},
{
"model": "r6230",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.110"
},
{
"model": "eax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "r7400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.76"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.104"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.66"
},
{
"model": "r6220",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.110"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.140"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.72"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.106"
},
{
"model": "r6850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.78"
},
{
"model": "r6260",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.78"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.106"
},
{
"model": "r6850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6120",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6350",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6260",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6220",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "eax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6330",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6230",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017539"
},
{
"db": "NVD",
"id": "CVE-2021-45647"
}
]
},
"cve": "CVE-2021-45647",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-45647",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-45647",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-45647",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-45647",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-45647",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-45647",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-45647",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202112-2441",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017539"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2441"
},
{
"db": "NVD",
"id": "CVE-2021-45647"
},
{
"db": "NVD",
"id": "CVE-2021-45647"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.68, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106. This affects EAX80 prior to 1.0.1.62, EX7000 prior to 1.0.1.104, R6120 prior to 1.0.0.76, R6220 prior to 1.1.0.110, R6230 prior to 1.1.0.110, R6260 prior to 1.1.0.78, R6850 prior to 1.1.0.78, R6350 prior to 1.1.0.78, R6330 prior to 1.1.0.78, R6800 prior to 1.2.0.76, R6900v2 prior to 1.2.0.76, R6700v2 prior to 1.2.0.76, R7000 prior to 1.0.11.116, R6900P prior to 1.3.3.140, R7000P prior to 1.3.3.140, R7200 prior to 1.2.0.76, R7350 prior to 1.2.0.76, R7400 prior to 1.2.0.76, R7450 prior to 1.2.0.76, AC2100 prior to 1.2.0.76, AC2400 prior to 1.2.0.76, AC2600 prior to 1.2.0.76, R7900 prior to 1.0.4.38, R7960P prior to 1.4.1.66, R8000 prior to 1.0.4.68, R7900P prior to 1.4.1.66, R8000P prior to 1.4.1.66, RAX15 prior to 1.0.2.82, RAX20 prior to 1.0.2.82, RAX200 prior to 1.0.3.106, RAX45 prior to 1.0.2.72, RAX50 prior to 1.0.2.72, RAX75 prior to 1.0.3.106, and RAX80 prior to 1.0.3.106",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-45647"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017539"
},
{
"db": "VULMON",
"id": "CVE-2021-45647"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-45647",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017539",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2441",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-45647",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45647"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017539"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2441"
},
{
"db": "NVD",
"id": "CVE-2021-45647"
}
]
},
"id": "VAR-202112-2302",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38866162
},
"last_update_date": "2024-11-23T23:03:57.971000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Sensitive\u00a0Information\u00a0Disclosure\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0Extenders,\u00a0PSV-2020-0184",
"trust": 0.8,
"url": "https://kb.netgear.com/000064118/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Extenders-PSV-2020-0184"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176203"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017539"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2441"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.0
},
{
"problemtype": "information leak (CWE-200) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017539"
},
{
"db": "NVD",
"id": "CVE-2021-45647"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000064118/security-advisory-for-sensitive-information-disclosure-on-some-routers-and-extenders-psv-2020-0184"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45647"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45647"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017539"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2441"
},
{
"db": "NVD",
"id": "CVE-2021-45647"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-45647"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017539"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2441"
},
{
"db": "NVD",
"id": "CVE-2021-45647"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45647"
},
{
"date": "2023-01-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017539"
},
{
"date": "2021-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2441"
},
{
"date": "2021-12-26T01:15:19.963000",
"db": "NVD",
"id": "CVE-2021-45647"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45647"
},
{
"date": "2023-01-25T01:50:00",
"db": "JVNDB",
"id": "JVNDB-2021-017539"
},
{
"date": "2022-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2441"
},
{
"date": "2024-11-21T06:32:46.533000",
"db": "NVD",
"id": "CVE-2021-45647"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2441"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Device information disclosure vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017539"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2441"
}
],
"trust": 0.6
}
}
VAR-202112-2407
Vulnerability from variot - Updated: 2024-11-23 23:03Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7900 before 1.0.4.38, R7900P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects R7900 prior to 1.0.4.38, R7900P prior to 1.4.2.84, R8000 prior to 1.0.4.68, R8000P prior to 1.4.2.84, RAX200 prior to 1.0.3.106, MR60 prior to 1.0.6.110, RAX45 prior to 1.0.2.72, RAX80 prior to 1.0.3.106, MS60 prior to 1.0.6.110, RAX50 prior to 1.0.2.72, RAX75 prior to 1.0.3.106, RBR750 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBK752 prior to 3.2.16.6, and RBK852 prior to 3.2.16.6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2407",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.72"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.38"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.106"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.68"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.110"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.72"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.106"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.110"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.106"
},
{
"model": "rax45",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax75",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbs750",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbr750",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbr850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017288"
},
{
"db": "NVD",
"id": "CVE-2021-45541"
}
]
},
"cve": "CVE-2021-45541",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2021-45541",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-45541",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.7,
"id": "CVE-2021-45541",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-45541",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-45541",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-45541",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-45541",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202112-2359",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-45541",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45541"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017288"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2359"
},
{
"db": "NVD",
"id": "CVE-2021-45541"
},
{
"db": "NVD",
"id": "CVE-2021-45541"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7900 before 1.0.4.38, R7900P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects R7900 prior to 1.0.4.38, R7900P prior to 1.4.2.84, R8000 prior to 1.0.4.68, R8000P prior to 1.4.2.84, RAX200 prior to 1.0.3.106, MR60 prior to 1.0.6.110, RAX45 prior to 1.0.2.72, RAX80 prior to 1.0.3.106, MS60 prior to 1.0.6.110, RAX50 prior to 1.0.2.72, RAX75 prior to 1.0.3.106, RBR750 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBK752 prior to 3.2.16.6, and RBK852 prior to 3.2.16.6",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-45541"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017288"
},
{
"db": "VULMON",
"id": "CVE-2021-45541"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-45541",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017288",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2359",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-45541",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45541"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017288"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2359"
},
{
"db": "NVD",
"id": "CVE-2021-45541"
}
]
},
"id": "VAR-202112-2407",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.282927312
},
"last_update_date": "2024-11-23T23:03:57.843000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Command\u00a0Injection\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0246",
"trust": 0.8,
"url": "https://kb.netgear.com/000064479/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0246"
},
{
"title": "Netgear RBR750 and NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176372"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017288"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2359"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017288"
},
{
"db": "NVD",
"id": "CVE-2021-45541"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000064479/security-advisory-for-post-authentication-command-injection-on-some-routers-and-wifi-systems-psv-2020-0246"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45541"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/77.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45541"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017288"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2359"
},
{
"db": "NVD",
"id": "CVE-2021-45541"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-45541"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017288"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2359"
},
{
"db": "NVD",
"id": "CVE-2021-45541"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45541"
},
{
"date": "2023-01-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017288"
},
{
"date": "2021-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2359"
},
{
"date": "2021-12-26T01:15:14.937000",
"db": "NVD",
"id": "CVE-2021-45541"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-07T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45541"
},
{
"date": "2023-01-13T05:03:00",
"db": "JVNDB",
"id": "JVNDB-2021-017288"
},
{
"date": "2022-01-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2359"
},
{
"date": "2024-11-21T06:32:27.987000",
"db": "NVD",
"id": "CVE-2021-45541"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2359"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Command injection vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017288"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2359"
}
],
"trust": 0.6
}
}
VAR-202012-1194
Vulnerability from variot - Updated: 2024-11-23 23:01Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D7800 before 1.0.1.58, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RS400 before 1.5.0.48, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-1194",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "r7400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7350",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "mk62",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "rbk12",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "rbs10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "cbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.10"
},
{
"model": "rax120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.136"
},
{
"model": "rbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.36"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "r6230",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.100"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.24"
},
{
"model": "eax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "ac2100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.50"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.58"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.64"
},
{
"model": "r6260",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.24"
},
{
"model": "rbk20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "r6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "rbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.36"
},
{
"model": "xr700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.66"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbs20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.98"
},
{
"model": "ac2600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "ac2400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "cbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.10"
},
{
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "r6330",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.66"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.0.48"
},
{
"model": "r6900v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r6350",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.106"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.98"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.60"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "eax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r6700v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.58"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.64"
},
{
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.100"
},
{
"model": "r6850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "r7450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "rbr10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "ac2400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mk62",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbk40",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "eax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ac2600",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "eax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ac2100",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbr40",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"cve": "CVE-2020-35795",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-35795",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-35795",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-015039",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-35795",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-35795",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2020-35795",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-1750",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D7800 before 1.0.1.58, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RS400 before 1.5.0.48, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-35795"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-35795",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015039",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1750",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"id": "VAR-202012-1194",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3302461448717948
},
"last_update_date": "2024-11-23T23:01:10.862000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Buffer\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers,\u00a0Range\u00a0Extenders,\u00a0and\u00a0Orbi\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0154",
"trust": 0.8,
"url": "https://kb.netgear.com/000062735/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0154"
},
{
"title": "Certain NETGEAR devices Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138129"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000062735/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-range-extenders-and-orbi-wifi-systems-psv-2020-0154"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35795"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"date": "2020-12-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1750"
},
{
"date": "2020-12-30T00:15:14.080000",
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-08T08:43:00",
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"date": "2021-01-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1750"
},
{
"date": "2024-11-21T05:28:07.420000",
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
}
],
"trust": 0.6
}
}
VAR-202112-2328
Vulnerability from variot - Updated: 2024-11-23 22:57Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7100LG before 1.0.0.72, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects CBR40 prior to 2.5.0.24, CBR750 prior to 3.2.18.2, EAX20 prior to 1.0.0.58, EAX80 prior to 1.0.1.68, EX3700 prior to 1.0.0.94, EX3800 prior to 1.0.0.94, EX6120 prior to 1.0.0.64, EX6130 prior to 1.0.0.44, EX7000 prior to 1.0.1.104, EX7500 prior to 1.0.0.74, LAX20 prior to 1.1.6.28, MR60 prior to 1.0.6.116, MS60 prior to 1.0.6.116, R6300v2 prior to 1.0.4.52, R6400 prior to 1.0.1.70, R6400v2 prior to 1.0.4.106, R6700v3 prior to 1.0.4.106, R6900P prior to 1.3.3.140, R7000 prior to 1.0.11.126, R7000P prior to 1.3.3.140, R7100LG prior to 1.0.0.72, R7850 prior to 1.0.5.74, R7900 prior to 1.0.4.46, R7900P prior to 1.4.2.84, R7960P prior to 1.4.2.84, R8000 prior to 1.0.4.74, R8000P prior to 1.4.2.84, R8300 prior to 1.0.2.154, R8500 prior to 1.0.2.154, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX35v2 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RS400 prior to 1.5.1.80, XR1000 prior to 1.0.0.58, and XR300 prior to 1.0.3.68
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2328",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.116"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.116"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "eax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "cbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.18.2"
},
{
"model": "eax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.68"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.74"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.46"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.80"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.154"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.140"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "cbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.24"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.106"
},
{
"model": "xr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "rax40v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.28"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.140"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "rax35v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.68"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.74"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.154"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.52"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.104"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.126"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.106"
},
{
"model": "rax35v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "eax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbr750",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax40v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax15",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "eax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbr40",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax43",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017547"
},
{
"db": "NVD",
"id": "CVE-2021-45621"
}
]
},
"cve": "CVE-2021-45621",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-45621",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-45621",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-45621",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-45621",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-45621",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-45621",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-45621",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202112-2417",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017547"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2417"
},
{
"db": "NVD",
"id": "CVE-2021-45621"
},
{
"db": "NVD",
"id": "CVE-2021-45621"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7100LG before 1.0.0.72, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects CBR40 prior to 2.5.0.24, CBR750 prior to 3.2.18.2, EAX20 prior to 1.0.0.58, EAX80 prior to 1.0.1.68, EX3700 prior to 1.0.0.94, EX3800 prior to 1.0.0.94, EX6120 prior to 1.0.0.64, EX6130 prior to 1.0.0.44, EX7000 prior to 1.0.1.104, EX7500 prior to 1.0.0.74, LAX20 prior to 1.1.6.28, MR60 prior to 1.0.6.116, MS60 prior to 1.0.6.116, R6300v2 prior to 1.0.4.52, R6400 prior to 1.0.1.70, R6400v2 prior to 1.0.4.106, R6700v3 prior to 1.0.4.106, R6900P prior to 1.3.3.140, R7000 prior to 1.0.11.126, R7000P prior to 1.3.3.140, R7100LG prior to 1.0.0.72, R7850 prior to 1.0.5.74, R7900 prior to 1.0.4.46, R7900P prior to 1.4.2.84, R7960P prior to 1.4.2.84, R8000 prior to 1.0.4.74, R8000P prior to 1.4.2.84, R8300 prior to 1.0.2.154, R8500 prior to 1.0.2.154, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX35v2 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RS400 prior to 1.5.1.80, XR1000 prior to 1.0.0.58, and XR300 prior to 1.0.3.68",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-45621"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017547"
},
{
"db": "VULMON",
"id": "CVE-2021-45621"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-45621",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017547",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2417",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-45621",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45621"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017547"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2417"
},
{
"db": "NVD",
"id": "CVE-2021-45621"
}
]
},
"id": "VAR-202112-2328",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3596940220833333
},
"last_update_date": "2024-11-23T22:57:50.345000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Command\u00a0Injection\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0562",
"trust": 0.8,
"url": "https://kb.netgear.com/000064523/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0562"
},
{
"title": "Netgear RBR750 and NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176396"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017547"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2417"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017547"
},
{
"db": "NVD",
"id": "CVE-2021-45621"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000064523/security-advisory-for-pre-authentication-command-injection-on-some-routers-extenders-and-wifi-systems-psv-2020-0562"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45621"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017547"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2417"
},
{
"db": "NVD",
"id": "CVE-2021-45621"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-45621"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017547"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2417"
},
{
"db": "NVD",
"id": "CVE-2021-45621"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45621"
},
{
"date": "2023-01-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017547"
},
{
"date": "2021-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2417"
},
{
"date": "2021-12-26T01:15:18.757000",
"db": "NVD",
"id": "CVE-2021-45621"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45621"
},
{
"date": "2023-01-25T02:07:00",
"db": "JVNDB",
"id": "JVNDB-2021-017547"
},
{
"date": "2022-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2417"
},
{
"date": "2024-11-21T06:32:41.920000",
"db": "NVD",
"id": "CVE-2021-45621"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2417"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Command injection vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017547"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2417"
}
],
"trust": 0.6
}
}
VAR-202112-2280
Vulnerability from variot - Updated: 2024-11-23 22:54Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with. This affects RAX200 prior to 1.0.3.106, MR60 prior to 1.0.6.110, RAX20 prior to 1.0.2.82, RAX45 prior to 1.0.2.72, RAX80 prior to 1.0.3.106, MS60 prior to 1.0.6.110, RAX15 prior to 1.0.2.82, RAX50 prior to 1.0.2.72, RAX75 prior to 1.0.3.106, RBR750 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBK752 prior to 3.2.16.6, and RBK852 prior to 3.2.16.6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2280",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.72"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.82"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.106"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.82"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.110"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.72"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.106"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.110"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.106"
},
{
"model": "rax15",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax45",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbr750",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax75",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017170"
},
{
"db": "NVD",
"id": "CVE-2021-45669"
}
]
},
"cve": "CVE-2021-45669",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2021-45669",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.7,
"id": "CVE-2021-45669",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 0.7,
"id": "CVE-2021-45669",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.8,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2021-45669",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-45669",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-45669",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2021-45669",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202112-2470",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-45669",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45669"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017170"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2470"
},
{
"db": "NVD",
"id": "CVE-2021-45669"
},
{
"db": "NVD",
"id": "CVE-2021-45669"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with. This affects RAX200 prior to 1.0.3.106, MR60 prior to 1.0.6.110, RAX20 prior to 1.0.2.82, RAX45 prior to 1.0.2.72, RAX80 prior to 1.0.3.106, MS60 prior to 1.0.6.110, RAX15 prior to 1.0.2.82, RAX50 prior to 1.0.2.72, RAX75 prior to 1.0.3.106, RBR750 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBK752 prior to 3.2.16.6, and RBK852 prior to 3.2.16.6",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-45669"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017170"
},
{
"db": "VULMON",
"id": "CVE-2021-45669"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-45669",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017170",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2470",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-45669",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45669"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017170"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2470"
},
{
"db": "NVD",
"id": "CVE-2021-45669"
}
]
},
"id": "VAR-202112-2280",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.14124016
},
"last_update_date": "2024-11-23T22:54:44.967000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Stored\u00a0Cross\u00a0Site\u00a0Scripting\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0210",
"trust": 0.8,
"url": "https://kb.netgear.com/000064478/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2020-0210"
},
{
"title": "Netgear RBR750 and NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=175895"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017170"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2470"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
},
{
"problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017170"
},
{
"db": "NVD",
"id": "CVE-2021-45669"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000064478/security-advisory-for-stored-cross-site-scripting-on-some-routers-and-wifi-systems-psv-2020-0210"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45669"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45669"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017170"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2470"
},
{
"db": "NVD",
"id": "CVE-2021-45669"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-45669"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017170"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2470"
},
{
"db": "NVD",
"id": "CVE-2021-45669"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45669"
},
{
"date": "2023-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017170"
},
{
"date": "2021-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2470"
},
{
"date": "2021-12-26T01:15:20.960000",
"db": "NVD",
"id": "CVE-2021-45669"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-06T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45669"
},
{
"date": "2023-01-06T05:15:00",
"db": "JVNDB",
"id": "JVNDB-2021-017170"
},
{
"date": "2022-01-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2470"
},
{
"date": "2024-11-21T06:32:50.190000",
"db": "NVD",
"id": "CVE-2021-45669"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2470"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Cross-site scripting vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017170"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2470"
}
],
"trust": 0.6
}
}