Buffer overflow vulnerability in certain NETGEAR Nighthawk routers

Summary

CVECVE-2026-0413
StatePUBLISHED
AssignerNETGEAR
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-06-09 17:16:58 UTC
Updated2026-06-18 17:57:25 UTC
DescriptionA buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

Risk And Classification

Primary CVSS: v4.0 4.3 MEDIUM from a2826606-91e7-4eb6-899e-8484bd4575d5

CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

EPSS: 0.003230000 probability, percentile 0.238780000 (date 2026-06-24)

Problem Types: CWE-121 | CWE-121 CWE-121 Stack-based buffer overflow


VersionSourceTypeScoreSeverityVector
4.0a2826606-91e7-4eb6-899e-8484bd4575d5Secondary4.3MEDIUMCVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/C...
4.0CNACVSS4.3MEDIUMCVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U
3.1[email protected]Primary4.5MEDIUMCVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CVSS v4.0 Breakdown

Attack Vector
Adjacent
Attack Complexity
Low
Attack Requirements
None
Privileges Required
High
User Interaction
None
Confidentiality
None
Integrity
High
Availability
None
Sub Conf.
None
Sub Integrity
None
Sub Availability
None

CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS v3.1 Breakdown

Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Hardware Netgear Rbe370 - All All All
Operating System Netgear Rbe370 Firmware All All All All
Hardware Netgear Rbe770 - All All All
Operating System Netgear Rbe770 Firmware All All All All
Hardware Netgear Rbr750 - All All All
Operating System Netgear Rbr750 Firmware All All All All
Hardware Netgear Rbr840 - All All All
Operating System Netgear Rbr840 Firmware All All All All
Hardware Netgear Rbr850 - All All All
Operating System Netgear Rbr850 Firmware All All All All
Hardware Netgear Rbr860 - All All All
Operating System Netgear Rbr860 Firmware All All All All
Hardware Netgear Rbre950 - All All All
Operating System Netgear Rbre950 Firmware All All All All
Hardware Netgear Rbre960 - All All All
Operating System Netgear Rbre960 Firmware All All All All
Hardware Netgear Rbs750 - All All All
Operating System Netgear Rbs750 Firmware All All All All
Hardware Netgear Rbs840 - All All All
Operating System Netgear Rbs840 Firmware All All All All
Hardware Netgear Rbs850 - All All All
Operating System Netgear Rbs850 Firmware All All All All
Hardware Netgear Rbs860 - All All All
Operating System Netgear Rbs860 Firmware All All All All
Hardware Netgear Rbse950 - All All All
Operating System Netgear Rbse950 Firmware All All All All
Hardware Netgear Rbse960 - All All All
Operating System Netgear Rbse960 Firmware All All All All

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA NETGEAR RBE370 affected V12.1.2.1 custom Not specified
CNA NETGEAR RBE770 affected V10.5.20.10 custom Not specified
CNA NETGEAR RBR750 affected V7.2.8.5 custom Not specified
CNA NETGEAR RBR840 affected V7.2.8.5 custom Not specified
CNA NETGEAR RBR850 affected V7.2.8.5 custom Not specified
CNA NETGEAR RBR860 affected V7.2.8.5 custom Not specified
CNA NETGEAR RBRE950 affected V7.2.8.5 custom Not specified
CNA NETGEAR RBRE960 affected V7.2.8.5 custom Not specified
CNA NETGEAR RBS750 affected V7.2.8.5 custom Not specified
CNA NETGEAR RBS840 affected V7.2.8.5 custom Not specified
CNA NETGEAR RBS850 affected V7.2.8.5 custom Not specified
CNA NETGEAR RBS860 affected V7.2.8.5 custom Not specified
CNA NETGEAR RBSE950 affected V7.2.8.5 custom Not specified
CNA NETGEAR RBSE960 affected V7.2.8.5 custom Not specified

References

ReferenceSourceLinkTags
www.netgear.com/support/product/rbre950 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory a2826606-91e7-4eb6-899e-8484bd4575d5 kb.netgear.com Vendor Advisory
www.netgear.com/support/product/rbs840 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
www.netgear.com/support/product/rbr860 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
www.netgear.com/support/product/rbs750 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
www.netgear.com/support/product/rbse960 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
www.netgear.com/support/product/rbs850 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
www.netgear.com/support/product/rbr750 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
www.netgear.com/support/product/rbs860 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
www.netgear.com/support/product/rbe372 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
www.netgear.com/support/product/rbre960 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
www.netgear.com/support/product/rbr850 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
www.netgear.com/support/product/rbe770 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
www.netgear.com/support/product/rbse950 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
www.netgear.com/support/product/rbr840 a2826606-91e7-4eb6-899e-8484bd4575d5 www.netgear.com Product
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Vendor Comments And Credit

Discovery Credit

CNA: tmotfl (en)

Additional Advisory Data

Solutions

CNA: Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in: ProductFixed VersionRBE370 Orbi Dual-band Mesh WiFi 7 Add-on Satellite V12.1.2.1 https://www.netgear.com/support/product/rbe370/ RBE770 Orbi Tri-band Mesh WiFi 7 Add-on Satellite V10.5.20.10 https://www.netgear.com/support/product/rbe770/ RBR750 Orbi WiFi 6 Router AX4200 V7.2.8.5 https://www.netgear.com/support/product/rbr750/ RBR840 (EoS) Orbi WiFi 6 System AX5700 V7.2.8.5 https://www.netgear.com/support/product/rbr840/ RBR850 Orbi WiFi 6 Router AX6000 V7.2.8.5 https://www.netgear.com/support/product/rbr850/ RBR860 Orbi Tri-band Mesh WiFi 6 Router – 860 Series V7.2.8.5 https://www.netgear.com/support/product/rbr860/ RBRE950 Orbi Quad-band Mesh WiFi 6E Router V7.2.8.5 https://www.netgear.com/support/product/rbre950/ RBRE960 Orbi Quad-band Mesh WiFi 6E Router V7.2.8.5 https://www.netgear.com/support/product/rbre960/ RBS750 Orbi WiFi 6 Add-on Satellite AX4200 V7.2.8.5 https://www.netgear.com/support/product/rbs750/ RBS840 (EoS) Orbi WiFi 6 Add-on Satellite AX5700 V7.2.8.5 https://www.netgear.com/support/product/rbs840/ RBS850 Orbi WiFi 6 Satellite AX6000 V7.2.8.5 https://www.netgear.com/support/product/rbs850/ RBS860 Orbi Tri-band Mesh WiFi 6 Add-on Satellite – 860 Series V7.2.8.5 https://www.netgear.com/support/product/rbs860/ RBSE950 Orbi Quad-band Mesh WiFi 6E Add-on Satellite V7.2.8.5 https://www.netgear.com/support/product/rbse950/ RBSE960 Orbi Quad-band Mesh WiFi 6E Add-on Satellite V7.2.8.5 https://www.netgear.com/support/product/rbse960/ Models marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.

© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report