Skip to main content

NETGEAR Router EUVDEUVD-2026-35459

| CVE-2026-9210 MEDIUM
Improper Input Validation (CWE-20)
2026-06-09 NETGEAR GHSA-rgvr-gjhw-96v7
4.9
CVSS 4.0 · Vendor: NETGEAR
Share

Severity by source

Vendor (NETGEAR) PRIMARY
4.9 MEDIUM
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber

Primary rating from Vendor (NETGEAR) · only source for this CVE.

CVSS VectorVendor: NETGEAR

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
Jun 09, 2026 - 20:04 vuln.today
CVSS changed
Jun 09, 2026 - 17:22 NVD
4.9 (MEDIUM)
CVE Published
Jun 09, 2026 - 15:50 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

AnalysisAI

Insufficient input validation across 30+ NETGEAR router, range extender, and mesh networking models enables local network-adjacent modification of router software and functionality. The CVSS 4.0 vector assigns PR:N (no privileges required) and AV:A (adjacent network), yet the CVE description scopes the vulnerability to 'authenticated administrators' - the 'Authentication Bypass' tag supplied by NETGEAR suggests the input validation flaw may itself circumvent authentication controls, reconciling this apparent conflict. Integrity impact is rated High (VI:H) against the vulnerable system, meaning successful exploitation allows unauthorized firmware or configuration modification. No public exploit is identified at time of analysis (E:U), and this CVE is not listed in the CISA KEV catalog.

Technical ContextAI

CWE-20 (Improper Input Validation) is the root cause - the router firmware fails to adequately sanitize or validate input supplied to an administrative interface accessible from the adjacent network. The affected product families span NETGEAR's EX-series Wi-Fi range extenders (EX3700, EX3800, EX6120, EX6130), Orbi Pro mesh routers and satellites (MR60, MR70, MR80, MS60, MS70, MS80), and a wide set of consumer and enthusiast routers (R6400v2, R6700v3, R6900P, R7000, R7000P, R7960P, R8000P, R8500, XR1000, and multiple RAX/RAXE AX-series models). The CPE strings (cpe:2.3:a:netgear:*) confirm these are firmware-level application vulnerabilities, not hardware defects. The CVSS 4.0 attack vector of AV:A constrains exploitation to the local network segment (LAN or Wi-Fi), meaning the attacker must already have adjacency - typically sharing the same subnet or wireless network as the device.

RemediationAI

Vendor-released patches are available for all affected models; administrators should upgrade to the fixed firmware versions listed per model (see affected_products for exact thresholds). NETGEAR publishes firmware directly through its support portal - consult the product-specific pages such as https://www.netgear.com/support/product/ex3700/, https://www.netgear.com/support/product/mr60/, https://www.netgear.com/support/product/r6900p/, and equivalent pages for each device. As a compensating control prior to patching, restrict wireless and wired LAN access to the router's administrative interface by enabling NETGEAR's access control features to whitelist specific MAC addresses or management IP ranges, reducing the pool of adjacent-network hosts that can reach the management plane. Disabling remote management (if not already disabled by default) eliminates the WAN attack surface entirely, though this does not address the LAN-side AV:A vector. Note that given the PR:N and Authentication Bypass tag, password rotation alone is unlikely to be an effective mitigating control if the flaw bypasses authentication before credentials are checked.

Share

EUVD-2026-35459 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy