Insufficient input validation in certain NETGEAR routers
Summary
| CVE | CVE-2026-0410 |
|---|---|
| State | PUBLISHED |
| Assigner | NETGEAR |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-06-09 17:16:58 UTC |
| Updated | 2026-06-18 18:09:28 UTC |
| Description | Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality. |
Risk And Classification
Primary CVSS: v4.0 1.9 LOW from a2826606-91e7-4eb6-899e-8484bd4575d5
CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber
EPSS: 0.002370000 probability, percentile 0.144680000 (date 2026-06-16)
Problem Types: CWE-20 | CWE-20 CWE-20 Insufficient input validation
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 4.0 | a2826606-91e7-4eb6-899e-8484bd4575d5 | Secondary | 1.9 | LOW | CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/C... |
| 4.0 | CNA | CVSS | 1.9 | LOW | CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V... |
| 3.1 | [email protected] | Primary | 4.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N |
CVSS v4.0 Breakdown
CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber
CVSS v3.1 Breakdown
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Netgear | R7000 | - | All | All | All |
| Operating System | Netgear | R7000 Firmware | All | All | All | All |
| Hardware | Netgear | Rax20 | - | All | All | All |
| Operating System | Netgear | Rax20 Firmware | All | All | All | All |
| Hardware | Netgear | Rax35v2 | - | All | All | All |
| Operating System | Netgear | Rax35v2 Firmware | All | All | All | All |
| Hardware | Netgear | Rax41 | - | All | All | All |
| Hardware | Netgear | Rax41v2 | - | All | All | All |
| Operating System | Netgear | Rax41v2 Firmware | All | All | All | All |
| Operating System | Netgear | Rax41 Firmware | All | All | All | All |
| Hardware | Netgear | Rax42 | - | All | All | All |
| Hardware | Netgear | Rax42v2 | - | All | All | All |
| Operating System | Netgear | Rax42v2 Firmware | All | All | All | All |
| Operating System | Netgear | Rax42 Firmware | All | All | All | All |
| Hardware | Netgear | Rax43 | - | All | All | All |
| Hardware | Netgear | Rax43v2 | - | All | All | All |
| Operating System | Netgear | Rax43v2 Firmware | All | All | All | All |
| Operating System | Netgear | Rax43 Firmware | All | All | All | All |
| Hardware | Netgear | Rax45 | - | All | All | All |
| Operating System | Netgear | Rax45 Firmware | All | All | All | All |
| Hardware | Netgear | Rax49s | - | All | All | All |
| Operating System | Netgear | Rax49s Firmware | All | All | All | All |
| Hardware | Netgear | Rax50 | - | All | All | All |
| Hardware | Netgear | Rax50s | - | All | All | All |
| Operating System | Netgear | Rax50s Firmware | All | All | All | All |
| Hardware | Netgear | Rax50v2 | - | All | All | All |
| Operating System | Netgear | Rax50v2 Firmware | All | All | All | All |
| Operating System | Netgear | Rax50 Firmware | All | All | All | All |
| Hardware | Netgear | Rax54sv2 | - | All | All | All |
| Operating System | Netgear | Rax54sv2 Firmware | All | All | All | All |
| Hardware | Netgear | Raxe450 | - | All | All | All |
| Operating System | Netgear | Raxe450 Firmware | All | All | All | All |
| Hardware | Netgear | Raxe500 | - | All | All | All |
| Operating System | Netgear | Raxe500 Firmware | All | All | All | All |
| Hardware | Netgear | Xr1000 | - | All | All | All |
| Hardware | Netgear | Xr1000v2 | - | All | All | All |
| Operating System | Netgear | Xr1000v2 Firmware | All | All | All | All |
| Operating System | Netgear | Xr1000 Firmware | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | NETGEAR | R7000 | affected V1.0.11.216 custom | Not specified |
| CNA | NETGEAR | RAX20 | affected V1.0.18.144 custom | Not specified |
| CNA | NETGEAR | RAX35v2 | affected V1.0.16.132 custom | Not specified |
| CNA | NETGEAR | RAX41 | affected V1.0.16.132 custom | Not specified |
| CNA | NETGEAR | RAX41v2 | affected V1.1.4.28 custom | Not specified |
| CNA | NETGEAR | RAX42 | affected V1.0.16.132 custom | Not specified |
| CNA | NETGEAR | RAX42v2 | affected V1.1.4.28 custom | Not specified |
| CNA | NETGEAR | RAX43 | affected V1.0.16.132 custom | Not specified |
| CNA | NETGEAR | RAX43v2 | affected V1.1.4.28 custom | Not specified |
| CNA | NETGEAR | RAX45 | affected V1.0.16.132 custom | Not specified |
| CNA | NETGEAR | RAX49S | affected V1.1.4.28 custom | Not specified |
| CNA | NETGEAR | RAX50 | affected V1.0.16.132 custom | Not specified |
| CNA | NETGEAR | RAX50S | affected V1.0.16.132 custom | Not specified |
| CNA | NETGEAR | RAX50v2 | affected V1.1.4.28 custom | Not specified |
| CNA | NETGEAR | RAX54Sv2 | affected V1.1.4.28 custom | Not specified |
| CNA | NETGEAR | RAX54v2 | affected V1.1.4.28 custom | Not specified |
| CNA | NETGEAR | RAXE450 | affected V1.2.14.114 custom | Not specified |
| CNA | NETGEAR | RAXE500 | affected V1.2.14.114 custom | Not specified |
| CNA | NETGEAR | XR1000 | affected V1.1.0.22 custom | Not specified |
| CNA | NETGEAR | XR1000v2 | affected V1.1.0.22 custom | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.netgear.com/support/product/rax43 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory | a2826606-91e7-4eb6-899e-8484bd4575d5 | kb.netgear.com | Vendor Advisory |
| www.netgear.com/support/product/rax20 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rax50s | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rax43v2 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rax50v2 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/xr1000v2 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rax49s | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/xr1000 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rax42v2 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/raxe450 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rax41v2 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rax42 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rax54sv2 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/r7000 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rax45 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rax35v2 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rax41 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rax50 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/raxe500 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: SmallS (en)
Additional Advisory Data
Solutions
CNA: Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in: ProductFixed VersionR7000 (EoS) Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.0.11.216 https://www.netgear.com/support/product/r7000/ RAX20 (EoS) 4-Stream AX1800 WiFi 6 Router V1.0.18.144 https://www.netgear.com/support/product/rax20/ RAX35v2 Nighthawk AX4 4-Stream AX3000 WiFi 6 Router V1.0.16.132 https://www.netgear.com/support/product/rax35v2/ RAX41 (EoS) Nighthawk AX5 5-Stream AX3600 WiFi Router V1.0.16.132 https://www.netgear.com/support/product/rax41/ RAX41v2 Nighthawk AX5 5-Stream AX3600 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax41v2/ RAX42 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.16.132 https://www.netgear.com/support/product/rax42/ RAX42v2 Nighthawk AX5 5-Stream AX4200 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax42v2/ RAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.16.132 https://www.netgear.com/support/product/rax43/ RAX43v2 Nighthawk AX5 5-Stream AX4200 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax43v2/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.16.132 https://www.netgear.com/support/product/rax45/ RAX49S Nighthawk AX6 6-Stream AX5300 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax49s/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.16.132 https://www.netgear.com/support/product/rax50/ RAX50S Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.16.132 https://www.netgear.com/support/product/rax50s/ RAX50v2 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.1.4.28 https://www.netgear.com/support/product/rax50v2/ RAX54Sv2 Nighthawk AX6 6-Stream AX5400 WiFi Router V1.1.4.28 https://www.netgear.com/support/product/rax54sv2/ RAX54v2V1.1.4.28RAXE450 Nighthawk AXE10000 Tri-Band WiFi 6E Router V1.2.14.114 https://www.netgear.com/support/product/raxe450/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.2.14.114 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.1.0.22 https://www.netgear.com/support/product/xr1000/ XR1000v2 Nighthawk WiFi 6 Pro Gaming Router V1.1.0.22 https://www.netgear.com/support/product/xr1000v2/ Models marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.