4.3
CVE-2026-0416
- EPSS 0.18%
- Veröffentlicht 09.06.2026 15:50:47
- Zuletzt bearbeitet 11.06.2026 07:16:26
- Quelle a2826606-91e7-4eb6-899e-8484bd
- CVE-Watchlists
- Unerledigt
Improper input validation in certain NETGEAR routers allows unauthorized modification of protected router functionality
An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router software or functionality.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerNETGEAR
≫
Produkt
RAXE450
Default Statusunaffected
Version
V1.0.12.96
Version <
V1.2.14.114
Status
affected
HerstellerNETGEAR
≫
Produkt
RAXE500
Default Statusunaffected
Version
V1.0.12.96
Version <
V1.2.14.114
Status
affected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.076 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| a2826606-91e7-4eb6-899e-8484bd4575d5 | 4.3 | 0 | 0 |
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
https://www.netgear.com/support/product/raxe450/
https://www.netgear.com/support/product/raxe500/
https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory