CVE-2026-9210
MEDIUMCertain NETGEAR routers allow authenticated administrators to gain unintended control of the router
Title source: cnaDescription
Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
References (32)
Core 32
Core References
Patch product
https://www.netgear.com/support/product/r8500/
Patch product
patch
https://www.netgear.com/support/product/ex3700/
Patch product
patch
https://www.netgear.com/support/product/ex3800/
Patch product
patch
https://www.netgear.com/support/product/ex6120/
Patch product
patch
https://www.netgear.com/support/product/mr60/
Patch product
patch
https://www.netgear.com/support/product/ex6130/
Patch product
patch
https://www.netgear.com/support/product/ms70/
Patch product
patch
https://www.netgear.com/support/product/ms60/
Patch product
patch
https://www.netgear.com/support/product/mr80/
Patch product
patch
https://www.netgear.com/support/product/ms80/
Patch product
patch
https://www.netgear.com/support/product/mr70/
Patch product
patch
https://www.netgear.com/support/product/r6400v2/
Patch product
patch
https://www.netgear.com/support/product/r6700v3/
Patch product
patch
https://www.netgear.com/support/product/r6900p/
Patch product
patch
https://www.netgear.com/support/product/r7960p/
Patch product
patch
https://www.netgear.com/support/product/r7000p/
Patch product
patch
https://www.netgear.com/support/product/r8000p/
Patch product
patch
https://www.netgear.com/support/product/rax48/
Patch product
patch
https://www.netgear.com/support/product/r7000/
Patch product
patch
https://www.netgear.com/support/product/rax40v2/
Patch product
patch
https://www.netgear.com/support/product/rax20/
Patch product
patch
https://www.netgear.com/support/product/rax35v2/
Patch product
patch
https://www.netgear.com/support/product/rax41/
Patch product
patch
https://www.netgear.com/support/product/rax42/
Patch product
patch
https://www.netgear.com/support/product/rax45/
Patch product
patch
https://www.netgear.com/support/product/rax50/
Patch product
patch
https://www.netgear.com/support/product/rax43/
Patch product
patch
https://www.netgear.com/support/product/rax50s/
Patch product
patch
https://www.netgear.com/support/product/raxe450/
Patch product
patch
https://www.netgear.com/support/product/raxe500/
Patch product
patch
https://www.netgear.com/support/product/xr1000/
Vendor Advisory vendor-advisory
https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory
Scores
CVSS v4
4.9
EPSS
0.0025
EPSS Percentile
16.0%
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-20
Status
published
Products (32)
NETGEAR/EX3700
< V1.0.0.100
NETGEAR/EX3800
< V1.0.0.100
NETGEAR/EX6120
< V1.0.0.72
NETGEAR/EX6130
< V1.0.0.54
NETGEAR/MR60
< V1.1.7.132
NETGEAR/MR70
< V1.0.3.28
NETGEAR/MR80
< V1.1.7.14
NETGEAR/MS60
< V1.1.7.132
NETGEAR/MS70
< V1.0.3.28
NETGEAR/MS80
< V1.1.7.14
... and 22 more
Published
Jun 09, 2026
Tracked Since
Jun 09, 2026