GHSA-JVF4-GM9F-33G9

Vulnerability from github – Published: 2026-01-13 18:31 – Updated: 2026-01-13 18:31
VLAI?
Details

An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default.

Severity ?
4.8 (Medium)
CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber
Show details on source website
To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2026-0404"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-13T16:16:10Z",
    "severity": "MODERATE"
  },
  "details": "An insufficient input validation vulnerability in NETGEAR Orbi devices\u0027 \nDHCPv6 functionality\u00a0allows network adjacent attackers authenticated \nover\u00a0WiFi or on LAN\u00a0to execute OS command injections on the router. \nDHCPv6 is not enabled by default.",
  "id": "GHSA-jvf4-gm9f-33g9",
  "modified": "2026-01-13T18:31:07Z",
  "published": "2026-01-13T18:31:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0404"
    },
    {
      "type": "WEB",
      "url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/rbr750"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/rbr840"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/rbr850"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/rbr860"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/rbre950"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/rbre960"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/rbs750"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/rbs840"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/rbs850"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/rbs860"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/rbse950"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/rbse960"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.