CVE-2026-9213 | THREATINT

Description

A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper traffic between the router and the Internet, to execute code on the device.

PUBLISHED Reserved 2026-05-21 | Published 2026-06-09 | Updated 2026-06-10 | Assigner NETGEAR

MEDIUM: 6.9CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U

Problem types

CWE-20 Insufficient input validation

Product status

Default status

unaffected

Any version before V1.0.4.48

affected

Default status

unaffected

Any version before V1.0.4.48

affected

Default status

unaffected

Any version before V1.2.14.114

affected

Default status

unaffected

Any version before V1.0.2.86

affected

Credits

fluorescent finder

References

www.netgear.com/support/product/mr70/ product patch

www.netgear.com/support/product/ms70/ product patch

www.netgear.com/support/product/raxe500/ product patch

www.netgear.com/support/product/xr1000/ product patch

kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory vendor-advisory

cve.org (CVE-2026-9213)

nvd.nist.gov (CVE-2026-9213)

Download JSON