Home

Description

A security flaw was found in certain NETGEAR RAX models that could allow a logged-in user to send specially crafted requests to the router and run unauthorized commands. This could enable the user to make unauthorized changes to the router and affect its security and operation.

PUBLISHED Reserved 2026-07-14 | Published 2026-07-14 | Updated 2026-07-14 | Assigner NETGEAR




MEDIUM: 5.4CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

Problem types

CWE-20 Improper input validation

Product status

Default status
unaffected

Any version before V1.2.14.114
affected

Default status
unaffected

Any version before V1.2.14.114
affected

Credits

fxc233 finder

References

www.netgear.com/support/product/raxe450/ product patch

www.netgear.com/support/product/raxe500/ product patch

cve.org (CVE-2026-62656)

nvd.nist.gov (CVE-2026-62656)

Download JSON