Severity by source
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (NETGEAR) · only source for this CVE.
CVSS VectorVendor: NETGEAR
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
AnalysisAI
Code injection in NETGEAR RBE97x routers (firmware prior to V9.12.4.9) enables authenticated administrators on the local network to make unauthorized modifications to router software and functionality beyond their sanctioned scope. The vulnerability stems from insufficient input validation (CWE-94), where administrator-supplied input is not properly sanitized before being processed, potentially allowing execution of injected code. No public exploit exists and CISA SSVC classifies exploitation status as 'none', making this a low-urgency but valid integrity risk for environments where shared or compromised admin accounts are a concern.
Technical ContextAI
The root cause is CWE-94 (Improper Control of Generation of Code - Code Injection), where the router's administrative interface fails to adequately validate or sanitize input provided by authenticated administrators. This allows crafted input to be interpreted and executed as code rather than data, a classic injection pattern. The affected hardware is the NETGEAR RBE97x (CPE: cpe:2.3:a:netgear:rbe97x), a prosumer/SMB Wi-Fi 6 access point and router platform. The CVSS 4.0 vector (AV:A/AC:L/AT:N/PR:H/UI:N) confirms the attack is adjacent-network only - the attacker must be physically or logically co-located on the same network segment - and requires high-privilege (administrator-level) credentials, sharply limiting the realistic attack surface.
RemediationAI
The primary fix is to upgrade NETGEAR RBE97x firmware to version V9.12.4.9 or later, which is available directly from NETGEAR at https://www.netgear.com/support/product/rbe970/. This is a vendor-released patch and is the recommended remediation. As a compensating control prior to patching, restrict administrative access to the router's management interface to only explicitly trusted devices and IP addresses using access control lists or VLAN segmentation; note this does not eliminate the vulnerability but reduces the population of potential abusers. Additionally, audit and rotate administrator credentials and enforce the principle of least privilege - avoid sharing admin accounts across multiple personnel. These controls reduce insider and compromised-credential risk but are not substitutes for applying the firmware update.
Insufficient input validation across multiple NETGEAR Orbi mesh router models (RBR/RBS/RBE series) permits authenticated
Information disclosure in NETGEAR Orbi satellite devices (RBR350, RBR760, RBS350, RBS760, RBE97x) allows a low-privilege
Same weakness CWE-94 – Code Injection
View allSame technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-35463
GHSA-2w26-w7q4-pcw2