Authenticated users can make unauthorized changes on NETGEAR WAX333 Access Points
Summary
| CVE | CVE-2026-62659 |
|---|---|
| State | PUBLISHED |
| Assigner | NETGEAR |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-07-14 18:18:48 UTC |
| Updated | 2026-07-14 18:18:48 UTC |
| Description | A security flaw was discovered in the NETGEAR WAX333 Access Point that could allow someone already logged in and connected to the local network to make unauthorized changes to the device's settings |
Risk And Classification
Primary CVSS: v4.0 4.3 MEDIUM from a2826606-91e7-4eb6-899e-8484bd4575d5
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber
Problem Types: CWE-20 | CWE-20 CWE-20 Improper input validation
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 4.0 | a2826606-91e7-4eb6-899e-8484bd4575d5 | Secondary | 4.3 | MEDIUM | CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/C... |
| 4.0 | CNA | CVSS | 4.3 | MEDIUM | CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V... |
CVSS v4.0 Breakdown
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.netgear.com/support/product/wax333 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: ziqiweiaaa (en)
Additional Advisory Data
Solutions
CNA: Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in: ProductFixed VersionWAX333 Insight Managed WiFi 6 AX3000 Dual-band Access Point with Gigabit PoE (3-pack) V2.8.0.100 https://www.netgear.com/support/product/WAX333/