CVE-2026-9212
Insufficient authentication and input validation in certain NETGEAR products
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.6EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
09 Jun 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting the product's confidentiality or change certain configurations.
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/E:U
Affected products
NETGEAR · LBR1020NETGEAR · LBR20NETGEAR · R6700AXNETGEAR · R7800NETGEAR · R9000NETGEAR · RAX10NETGEAR · RAX10v2NETGEAR · RAX120NETGEAR · RAX120v1NETGEAR · RAX120v2NETGEAR · RAX36SNETGEAR · RAX70NETGEAR · RAX78NETGEAR · RBR10NETGEAR · RBR20NETGEAR · RBR350NETGEAR · RBR40NETGEAR · RBR50NETGEAR · RBS10NETGEAR · RBS20NETGEAR · RBS350NETGEAR · RBS40NETGEAR · RBS50NETGEAR · XR450NETGEAR · XR500Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisoryhttps://www.netgear.com/support/product/lbr1020/https://www.netgear.com/support/product/lbr20/https://www.netgear.com/support/product/r6700ax/https://www.netgear.com/support/product/r7800/https://www.netgear.com/support/product/r9000/https://www.netgear.com/support/product/rax10/https://www.netgear.com/support/product/rax120/https://www.netgear.com/support/product/rax120v2/https://www.netgear.com/support/product/rax36s/https://www.netgear.com/support/product/rax70/https://www.netgear.com/support/product/rax78/