Rbse960
Monthly
Stack-based buffer overflow in multiple NETGEAR Orbi mesh WiFi models (RBR860, RBRE950/960, RBE970/971, RBS860, RBSE950/960) enables an unauthenticated adjacent-network attacker to crash or force a restart of the affected device, causing a loss of network connectivity. The root cause is CWE-121 (stack-based buffer overflow), meaning a crafted network payload can overwrite stack memory and destabilize the device process. The CVSS 4.0 supplemental metric E:P indicates a proof-of-concept exploit exists, elevating practical risk despite the moderate base score of 5.7.
Insufficient input validation across multiple NETGEAR Orbi mesh router models (RBR/RBS/RBE series) permits authenticated administrators on the local network to make unauthorized modifications to router software and functionality beyond their intended privilege scope. Affected are all firmware versions prior to V7.2.8.5 on most Orbi models and prior to V9.12.4.9 on the RBE97x series. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog; NETGEAR self-reported and has released patched firmware addressing the flaw.
Stack-based buffer overflow in NETGEAR Orbi mesh router firmware (RBE, RBR, RBS series) enables authenticated administrators with local network access to submit malformed buffer input that bypasses validation and triggers unauthorized modification of router software and functionality. The attack surface is significantly constrained by the requirement for both administrative credentials (PR:H) and adjacent network positioning (AV:A), limiting realistic exposure to insider threats or scenarios where an attacker has already compromised admin credentials within the LAN. No public exploit identified at time of analysis, SSVC confirms exploitation status as none, and vendor-released patches are available across all affected model lines.
System integrity tampering across a broad portfolio of NETGEAR home and small-business networking devices allows authenticated administrators on the local network to manipulate device configuration beyond intended boundaries, classified under CWE-15 (External Control of System or Configuration Setting). The CVSS 4.0 vector (AV:A/PR:H/VI:H) confirms that exploitation is constrained to adjacent network access with high-privilege credentials, yet the integrity impact on the vulnerable system is rated High. No public exploit code exists (SSVC: Exploitation none; CVSS E:U), and NETGEAR has released firmware patches for all affected product lines.
Denial-of-service via out-of-bounds write in NETGEAR Orbi mesh router and satellite firmware allows unauthenticated, adjacent-network attackers to render affected devices unavailable by sending specially crafted requests. The vulnerability affects multiple Orbi 860/950/960/970/971-series devices across a broad firmware version range, with fixed builds available per vendor advisory. No public exploit code or active exploitation has been identified at time of analysis (CVSS E:U), though the low attack complexity and absence of any authentication requirement make this straightforward to reproduce for any attacker with local network access.
Stack-based buffer overflow in multiple NETGEAR Orbi mesh WiFi models (RBR860, RBRE950/960, RBE970/971, RBS860, RBSE950/960) enables an unauthenticated adjacent-network attacker to crash or force a restart of the affected device, causing a loss of network connectivity. The root cause is CWE-121 (stack-based buffer overflow), meaning a crafted network payload can overwrite stack memory and destabilize the device process. The CVSS 4.0 supplemental metric E:P indicates a proof-of-concept exploit exists, elevating practical risk despite the moderate base score of 5.7.
Insufficient input validation across multiple NETGEAR Orbi mesh router models (RBR/RBS/RBE series) permits authenticated administrators on the local network to make unauthorized modifications to router software and functionality beyond their intended privilege scope. Affected are all firmware versions prior to V7.2.8.5 on most Orbi models and prior to V9.12.4.9 on the RBE97x series. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog; NETGEAR self-reported and has released patched firmware addressing the flaw.
Stack-based buffer overflow in NETGEAR Orbi mesh router firmware (RBE, RBR, RBS series) enables authenticated administrators with local network access to submit malformed buffer input that bypasses validation and triggers unauthorized modification of router software and functionality. The attack surface is significantly constrained by the requirement for both administrative credentials (PR:H) and adjacent network positioning (AV:A), limiting realistic exposure to insider threats or scenarios where an attacker has already compromised admin credentials within the LAN. No public exploit identified at time of analysis, SSVC confirms exploitation status as none, and vendor-released patches are available across all affected model lines.
System integrity tampering across a broad portfolio of NETGEAR home and small-business networking devices allows authenticated administrators on the local network to manipulate device configuration beyond intended boundaries, classified under CWE-15 (External Control of System or Configuration Setting). The CVSS 4.0 vector (AV:A/PR:H/VI:H) confirms that exploitation is constrained to adjacent network access with high-privilege credentials, yet the integrity impact on the vulnerable system is rated High. No public exploit code exists (SSVC: Exploitation none; CVSS E:U), and NETGEAR has released firmware patches for all affected product lines.
Denial-of-service via out-of-bounds write in NETGEAR Orbi mesh router and satellite firmware allows unauthenticated, adjacent-network attackers to render affected devices unavailable by sending specially crafted requests. The vulnerability affects multiple Orbi 860/950/960/970/971-series devices across a broad firmware version range, with fixed builds available per vendor advisory. No public exploit code or active exploitation has been identified at time of analysis (CVSS E:U), though the low attack complexity and absence of any authentication requirement make this straightforward to reproduce for any attacker with local network access.