← back
CVE-2026-62658

Post-authentication Command Injection Vulnerability in certain Nighthawk RAX series models

CVSS 4.7 MEDIUMCWE-20
Vexday Risk Score
10Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.7EPSS KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
14 Jul 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A security flaw was discovered in certain NETGEAR Nighthawk RAX series routers that could allow someone already logged in to the device to run unauthorized commands or code on the router.
CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P