How to fix CVE-2022-40619?

Within 24 hours: Identify and inventory all affected NETGEAR/Orbi devices in your environment and assess their network exposure. Within 7 days: Implement network segmentation to restrict LAN access to trusted devices only, disable the FunJSQ module if possible through device settings, and apply firewall rules to block unauthorized access to the HTTP interface. Within 30 days: Plan device replacement or firmware updates once patches become available, conduct forensic review of device logs for signs of compromise, and evaluate alternative WiFi solutions to mitigate future risk.

Is Command Injection affected by CVE-2022-40619?

NETGEAR routers and Orbi WiFi Systems containing the FunJSQ module are vulnerable to unauthenticated remote code execution via LAN access, allowing attackers to fully compromise affected devices without authentication.

CVE-2022-40619

HIGH

2026-01-28 [email protected]

7.7

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

Low

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Mar 09, 2026 - 14:43 vuln.today

Public exploit code

CVE Published

Jan 28, 2026 - 19:16 nvd

HIGH 7.7

Description

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsq_access_token parameter. This affects R6230 before 1.1.0.112, R6260 before 1.1.0.88, R7000 before 1.0.11.134, R8900 before 1.0.5.42, R9000 before 1.0.5.42, and XR300 before 1.0.3.72 and Orbi RBR20 before 2.7.2.26, RBR50 before 2.7.4.26, RBS20 before 2.7.2.26, and RBS50 before 2.7.4.26.

Analysis

Technical Context

Classified as CWE-77 (Command Injection). Affects the funjsq_access_token component of Rbr20 Firmware. FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsq_access_token parameter. This affects R6230 before 1.1.0.112, R6260 before 1.1.0.88, R7000 before 1.0.11.134, R8900 before 1.0.5.42, R9000 before 1.0.5.42, and XR300 before 1.0.3.72 and Orbi RBR20 before 2.7.2.26, RBR50 before 2.7.4.26, RBS20 before 2.

Affected Products

Vendor: Netgear. Product: Rbr20 Firmware. Versions: up to 1.1.0.112. Component: funjsq_access_token.

Remediation

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.8

CVSS: +38

POC: +20

CVE-2022-40619 vulnerability details – vuln.today

Back

CVE-2022-40619

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2022-40619

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code