← volver
CVE-2026-9212

Insufficient authentication and input validation in certain NETGEAR products

CVSS 5.6 MEDIUMEPSS 0.3%CWE-20CWE-306
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.6EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
09 jun 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting the product's confidentiality or change certain configurations.
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/E:U
Productos afectados
NETGEAR · LBR1020NETGEAR · LBR20NETGEAR · R6700AXNETGEAR · R7800NETGEAR · R9000NETGEAR · RAX10NETGEAR · RAX10v2NETGEAR · RAX120NETGEAR · RAX120v1NETGEAR · RAX120v2NETGEAR · RAX36SNETGEAR · RAX70NETGEAR · RAX78NETGEAR · RBR10NETGEAR · RBR20NETGEAR · RBR350NETGEAR · RBR40NETGEAR · RBR50NETGEAR · RBS10NETGEAR · RBS20NETGEAR · RBS350NETGEAR · RBS40NETGEAR · RBS50NETGEAR · XR450NETGEAR · XR500

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisoryhttps://www.netgear.com/support/product/lbr1020/https://www.netgear.com/support/product/lbr20/https://www.netgear.com/support/product/r6700ax/https://www.netgear.com/support/product/r7800/https://www.netgear.com/support/product/r9000/https://www.netgear.com/support/product/rax10/https://www.netgear.com/support/product/rax120/https://www.netgear.com/support/product/rax120v2/https://www.netgear.com/support/product/rax36s/https://www.netgear.com/support/product/rax70/https://www.netgear.com/support/product/rax78/