CVE-2026-0417
MEDIUMInsufficient input validation in certain NETGEAR routers
Title source: cnaDescription
Insufficient input validation vulnerability in the listed NETGEAR devices allows authenticated administrators connected to the local network to tamper with the router's integrity.
References (28)
Core 28
Core References
Patch product
patch
https://www.netgear.com/support/product/mr70/
Patch product
patch
https://www.netgear.com/support/product/mr80/
Patch product
patch
https://www.netgear.com/support/product/mr60/
Patch product
patch
https://www.netgear.com/support/product/ms60/
Patch product
patch
https://www.netgear.com/support/product/ms80/
Patch product
patch
https://www.netgear.com/support/product/r6400v2/
Patch product
patch
https://www.netgear.com/support/product/ms70/
Patch product
patch
https://www.netgear.com/support/product/r6700v3/
Patch product
patch
https://www.netgear.com/support/product/r7000/
Patch product
patch
https://www.netgear.com/support/product/r6900p/
Patch product
patch
https://www.netgear.com/support/product/r8000p/
Patch product
patch
https://www.netgear.com/support/product/r8500/
Patch product
patch
https://www.netgear.com/support/product/rax40v2/
Patch product
patch
https://www.netgear.com/support/product/rax42/
Patch product
patch
https://www.netgear.com/support/product/rax35v2/
Patch product
patch
https://www.netgear.com/support/product/rax41/
Patch product
patch
https://www.netgear.com/support/product/rax20/
Patch product
patch
https://www.netgear.com/support/product/rax43/
Patch product
patch
https://www.netgear.com/support/product/r7960p/
Patch product
patch
https://www.netgear.com/support/product/r7000p/
Patch product
patch
https://www.netgear.com/support/product/rax45/
Patch product
patch
https://www.netgear.com/support/product/rax48/
Patch product
patch
https://www.netgear.com/support/product/raxe450/
Patch product
patch
https://www.netgear.com/support/product/rax50s/
Patch product
patch
https://www.netgear.com/support/product/xr1000/
Patch product
patch
https://www.netgear.com/support/product/rax50/
Patch product
patch
https://www.netgear.com/support/product/raxe500/
Vendor Advisory vendor-advisory
https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory
Scores
CVSS v4
4.3
EPSS
0.0026
EPSS Percentile
16.8%
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-20
Status
published
Products (28)
NETGEAR/MR60
< V1.1.7.132
NETGEAR/MR70
< V1.0.3.28
NETGEAR/MR80
< V1.1.7.14
NETGEAR/MS60
< V1.1.7.132
NETGEAR/MS70
< V1.0.3.28
NETGEAR/MS80
< V1.1.7.14
NETGEAR/R6400v2
< V1.0.4.128
NETGEAR/R6700v3
< V1.0.4.128
NETGEAR/R6900P
< V1.3.3.152
NETGEAR/R7000
< V1.0.11.216
... and 18 more
Published
Jun 09, 2026
Tracked Since
Jun 09, 2026