CVE-2026-0417 | THREATINT

Description

Insufficient input validation vulnerability in the listed NETGEAR devices allows authenticated administrators connected to the local network to tamper with the router's integrity.

PUBLISHED Reserved 2025-12-03 | Published 2026-06-09 | Updated 2026-06-10 | Assigner NETGEAR

MEDIUM: 4.3CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber

Problem types

CWE-20 Improper input validation

Product status

Default status

unaffected

Any version before V1.1.7.132

affected

Default status

unaffected

Any version before V1.0.3.28

affected

Default status

unaffected

Any version before V1.1.7.14

affected

Default status

unaffected

Any version before V1.1.7.132

affected

Default status

unaffected

Any version before V1.0.3.28

affected

Default status

unaffected

Any version before V1.1.7.14

affected

Default status

unaffected

Any version before V1.0.4.128

affected

Default status

unaffected

Any version before V1.0.4.128

affected

Default status

unaffected

Any version before V1.3.3.152

affected

Default status

unaffected

Any version before V1.0.11.216

affected

Default status

unaffected

Any version before V1.3.3.152

affected

Default status

unaffected

Any version before V1.4.4.92

affected

Default status

unaffected

Any version before V1.4.4.92

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version before V1.0.18.144

affected

Default status

unaffected

Any version before V1.0.16.132

affected

Default status

unaffected

Any version before V1.0.12.118

affected

Default status

unaffected

Any version before V1.0.12.118

affected

Default status

unaffected

Any version before V1.0.12.118

affected

Default status

unaffected

Any version before V1.0.12.120

affected

Default status

unaffected

Any version before V1.0.12.118

affected

Default status

unaffected

Any version before V1.0.12.118

affected

Default status

unaffected

Any version before V1.0.12.120

affected

Default status

unaffected

Any version before V1.0.12.120

affected

Default status

unaffected

Any version before V1.0.10.86

affected

Default status

unaffected

Any version before V1.0.10.86

affected

Default status

unaffected

Any version before V1.0.0.68

affected

Credits

pjqwudi finder

References

www.netgear.com/support/product/mr70/ product patch

www.netgear.com/support/product/mr80/ product patch

www.netgear.com/support/product/mr60/ product patch

www.netgear.com/support/product/ms60/ product patch

www.netgear.com/support/product/ms80/ product patch

www.netgear.com/support/product/r6400v2/ product patch

www.netgear.com/support/product/ms70/ product patch

www.netgear.com/support/product/r6700v3/ product patch

www.netgear.com/support/product/r7000/ product patch

www.netgear.com/support/product/r6900p/ product patch

www.netgear.com/support/product/r8000p/ product patch

www.netgear.com/support/product/r8500/ product patch

www.netgear.com/support/product/rax40v2/ product patch

www.netgear.com/support/product/rax42/ product patch

www.netgear.com/support/product/rax35v2/ product patch

www.netgear.com/support/product/rax41/ product patch

www.netgear.com/support/product/rax20/ product patch

www.netgear.com/support/product/rax43/ product patch

www.netgear.com/support/product/r7960p/ product patch

www.netgear.com/support/product/r7000p/ product patch

www.netgear.com/support/product/rax45/ product patch

www.netgear.com/support/product/rax48/ product patch

www.netgear.com/support/product/raxe450/ product patch

www.netgear.com/support/product/rax50s/ product patch

www.netgear.com/support/product/xr1000/ product patch

www.netgear.com/support/product/rax50/ product patch

www.netgear.com/support/product/raxe500/ product patch

kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory vendor-advisory

cve.org (CVE-2026-0417)

nvd.nist.gov (CVE-2026-0417)

Download JSON