CVE-2026-62656
Post-authenticated command injection vulnerability found in certain NETGEAR RAX models
Vexday Risk Score
10Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.4EPSS —KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
14 Jul 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A
security flaw was found in certain NETGEAR RAX models that could allow
a logged-in user to send specially crafted requests to the router and run
unauthorized commands. This could enable the user to make unauthorized changes
to the router and affect its security and operation.
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P