Insufficient input validation vulnerability in NETGEAR DGND3700v1 modem router
Summary
| CVE | CVE-2026-15757 |
|---|---|
| State | PUBLISHED |
| Assigner | NETGEAR |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-07-14 18:17:12 UTC |
| Updated | 2026-07-14 18:17:12 UTC |
| Description | A security flaw was discovered in the NETGEAR DGND3700v1 that could allow someone on the same local WiFi network to send unauthorized commands to the device. This issue was identified through testing in a controlled research environment using a simulated version of the router's software and has not been confirmed on physical production devices. |
Risk And Classification
Primary CVSS: v4.0 6.3 MEDIUM from a2826606-91e7-4eb6-899e-8484bd4575d5
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber
Problem Types: CWE-20 | CWE-20 CWE-20 Improper input validation
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 4.0 | a2826606-91e7-4eb6-899e-8484bd4575d5 | Secondary | 6.3 | MEDIUM | CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/C... |
| 4.0 | CNA | CVSS | 6.3 | MEDIUM | CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/V... |
CVSS v4.0 Breakdown
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | NETGEAR | DGND3700v1 | affected V1.0.0.17 custom | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.netgear.com/support/product/dgnd3700v1 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Security Research Center (SRC) @ Concordia University (en)
Additional Advisory Data
Solutions
CNA: NETGEAR DGND3700v1 has reached End-of-Support phase, and no further security updates are planned. NETGEAR strongly recommends replacing these devices with newer NETGEAR models to ensure continued security support and updates. ProductFixed Version