CVE-2026-0413

MEDIUM

NETGEAR Routers - Authenticated Buffer Overflow

Title source: manual
STIX 2.1

Description

A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

References (15)

Core 15
Core References

Scores

CVSS v4 4.3
EPSS 0.0034
EPSS Percentile 25.5%
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-121
Status published
Products (16)
NETGEAR/RBE370 < V12.1.2.1
NETGEAR/RBE37X < V12.1.2.1
NETGEAR/RBE770 < V10.5.20.10
NETGEAR/RBE77X < V10.5.20.10
NETGEAR/RBR750 < V7.2.8.5
NETGEAR/RBR840 < V7.2.8.5
NETGEAR/RBR850 < V7.2.8.5
NETGEAR/RBR860 < V7.2.8.5
NETGEAR/RBRE950 < V7.2.8.5
NETGEAR/RBRE960 < V7.2.8.5
... and 6 more
Published Jun 09, 2026
Tracked Since Jun 09, 2026