Search
Find a vulnerability
Search criteria
2 vulnerabilities found for rax5_firmware by netgear
CVE-2026-9211 (GCVE-0-2026-9211)
Vulnerability from nvd – Published: 2026-06-09 15:50 – Updated: 2026-06-10 18:16
VLAI
Title
Certain NETGEAR routers allow unauthenticated users to gain control of the router
Summary
An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper input validation
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.netgear.com/support/product/cax30/ | productpatch |
| https://www.netgear.com/support/product/rax30/ | productpatch |
| https://www.netgear.com/support/product/rax5/ | productpatch |
| https://www.netgear.com/support/product/raxe300/ | productpatch |
| https://kb.netgear.com/000070811/June-2026-NETGEA… | vendor-advisory |
Impacted products
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9211",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T03:59:26.298Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CAX30",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V2.2.1.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX30",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.94",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX5",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.5.34",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE300",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.72",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "kaoken"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eAn unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation."
}
],
"impacts": [
{
"capecId": "CAPEC-33",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-33 HTTP Request Smuggling"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T18:16:48.508Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/cax30/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax30/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax5/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe300/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eCAX30\u003c/b\u003e Nighthawk AX6 6-Stream WiFi 6 Cable Modem Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/cax30/\"\u003eV2.2.1.4\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX30\u003c/b\u003e Nighthawk AX5 5-Stream AX2400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax30/\"\u003eV1.0.10.94\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX5\u003c/b\u003e 4-Stream AX1600 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax5/\"\u003eV1.0.5.34\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE300\u003c/b\u003e Nighthawk AXE7800 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe300/\"\u003eV1.0.10.72\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionCAX30 Nighthawk AX6 6-Stream WiFi 6 Cable Modem Router V2.2.1.4 https://www.netgear.com/support/product/cax30/ RAX30 Nighthawk AX5 5-Stream AX2400 WiFi 6 Router V1.0.10.94 https://www.netgear.com/support/product/rax30/ RAX5 4-Stream AX1600 WiFi 6 Router V1.0.5.34 https://www.netgear.com/support/product/rax5/ RAXE300 Nighthawk AXE7800 Tri-Band WiFi 6E Router V1.0.10.72 https://www.netgear.com/support/product/raxe300/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Certain NETGEAR routers allow unauthenticated users to gain control of the router",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-9211",
"datePublished": "2026-06-09T15:50:48.437Z",
"dateReserved": "2026-05-21T17:29:03.440Z",
"dateUpdated": "2026-06-10T18:16:48.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9211 (GCVE-0-2026-9211)
Vulnerability from cvelistv5 – Published: 2026-06-09 15:50 – Updated: 2026-06-10 18:16
VLAI
Title
Certain NETGEAR routers allow unauthenticated users to gain control of the router
Summary
An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper input validation
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.netgear.com/support/product/cax30/ | productpatch |
| https://www.netgear.com/support/product/rax30/ | productpatch |
| https://www.netgear.com/support/product/rax5/ | productpatch |
| https://www.netgear.com/support/product/raxe300/ | productpatch |
| https://kb.netgear.com/000070811/June-2026-NETGEA… | vendor-advisory |
Impacted products
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9211",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T03:59:26.298Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CAX30",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V2.2.1.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX30",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.94",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAX5",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.5.34",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAXE300",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V1.0.10.72",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "kaoken"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eAn unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation."
}
],
"impacts": [
{
"capecId": "CAPEC-33",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-33 HTTP Request Smuggling"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T18:16:48.508Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/cax30/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax30/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rax5/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/raxe300/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eCAX30\u003c/b\u003e Nighthawk AX6 6-Stream WiFi 6 Cable Modem Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/cax30/\"\u003eV2.2.1.4\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX30\u003c/b\u003e Nighthawk AX5 5-Stream AX2400 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax30/\"\u003eV1.0.10.94\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAX5\u003c/b\u003e 4-Stream AX1600 WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rax5/\"\u003eV1.0.5.34\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE300\u003c/b\u003e Nighthawk AXE7800 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe300/\"\u003eV1.0.10.72\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionCAX30 Nighthawk AX6 6-Stream WiFi 6 Cable Modem Router V2.2.1.4 https://www.netgear.com/support/product/cax30/ RAX30 Nighthawk AX5 5-Stream AX2400 WiFi 6 Router V1.0.10.94 https://www.netgear.com/support/product/rax30/ RAX5 4-Stream AX1600 WiFi 6 Router V1.0.5.34 https://www.netgear.com/support/product/rax5/ RAXE300 Nighthawk AXE7800 Tri-Band WiFi 6E Router V1.0.10.72 https://www.netgear.com/support/product/raxe300/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Certain NETGEAR routers allow unauthenticated users to gain control of the router",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-9211",
"datePublished": "2026-06-09T15:50:48.437Z",
"dateReserved": "2026-05-21T17:29:03.440Z",
"dateUpdated": "2026-06-10T18:16:48.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}