Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router

Summary

CVE	CVE-2026-9210
State	PUBLISHED
Assigner	NETGEAR
Source Priority	CVE Program / NVD first with legacy fallback
Published	2026-06-09 17:17:51 UTC
Updated	2026-06-09 19:38:32 UTC
Description	Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

Risk And Classification

Primary CVSS: v4.0 4.9 MEDIUM from a2826606-91e7-4eb6-899e-8484bd4575d5

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber

Problem Types: CWE-20 | CWE-20 CWE-20 Improper input validation

Version	Source	Type	Score	Severity	Vector
4.0	a2826606-91e7-4eb6-899e-8484bd4575d5	Secondary	4.9	MEDIUM	`CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/C...`
4.0	CNA	CVSS	4.9	MEDIUM	`CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V...`

CVSS v4.0 Breakdown

Attack Vector

Adjacent

Attack Complexity

Low

Attack Requirements

None

Privileges Required

None

User Interaction

None

Confidentiality

None

Integrity

High

Availability

None

Sub Conf.

None

Sub Integrity

None

Sub Availability

None

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	NETGEAR	EX3700	affected V1.0.0.100 custom	Not specified
CNA	NETGEAR	EX3800	affected V1.0.0.100 custom	Not specified
CNA	NETGEAR	EX6120	affected V1.0.0.72 custom	Not specified
CNA	NETGEAR	EX6130	affected V1.0.0.54 custom	Not specified
CNA	NETGEAR	MR60	affected V1.1.7.132 custom	Not specified
CNA	NETGEAR	MR70	affected V1.0.3.28 custom	Not specified
CNA	NETGEAR	MR80	affected V1.1.7.14 custom	Not specified
CNA	NETGEAR	MS60	affected V1.1.7.132 custom	Not specified
CNA	NETGEAR	MS70	affected V1.0.3.28 custom	Not specified
CNA	NETGEAR	MS80	affected V1.1.7.14 custom	Not specified
CNA	NETGEAR	R6400v2	affected V1.0.4.128 custom	Not specified
CNA	NETGEAR	R6700v3	affected V1.0.4.128 custom	Not specified
CNA	NETGEAR	R6900P	affected V1.3.3.152 custom	Not specified
CNA	NETGEAR	R7000	affected V1.0.11.216 custom	Not specified
CNA	NETGEAR	R7000P	affected V1.3.3.152 custom	Not specified
CNA	NETGEAR	R7960P	affected V1.4.4.92 custom	Not specified
CNA	NETGEAR	R8000P	affected V1.4.4.92 custom	Not specified
CNA	NETGEAR	R8500	affected 1.0.2.160 custom	Not specified
CNA	NETGEAR	RAX20	affected V1.0.18.144 custom	Not specified
CNA	NETGEAR	RAX35v2	affected V1.0.12.118 custom	Not specified
CNA	NETGEAR	RAX40v2	affected V1.0.12.118 custom	Not specified
CNA	NETGEAR	RAX41	affected V1.0.12.118 custom	Not specified
CNA	NETGEAR	RAX42	affected V1.0.12.118 custom	Not specified
CNA	NETGEAR	RAX43	affected V1.0.12.120 custom	Not specified
CNA	NETGEAR	RAX45	affected V1.0.12.118 custom	Not specified
CNA	NETGEAR	RAX48	affected V1.0.12.118 custom	Not specified
CNA	NETGEAR	RAX50	affected V1.0.12.120 custom	Not specified
CNA	NETGEAR	RAX50S	affected V1.0.12.120 custom	Not specified
CNA	NETGEAR	RAXE450	affected V1.0.10.86 custom	Not specified
CNA	NETGEAR	RAXE500	affected V1.0.10.86 custom	Not specified
CNA	NETGEAR	XR1000	affected V1.0.0.68 custom	Not specified

References

Reference	Source	Link	Tags
www.netgear.com/support/product/ex3800	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/r6400v2	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/rax43	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/rax20	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/r7000p	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/r7960p	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/rax50s	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/ex3700	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/ms70	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/ex6120	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/mr70	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/mr80	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/ms80	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/ex6130	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/r8000p	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/xr1000	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/rax48	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/r8500	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/raxe450	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/r6900p	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/rax42	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/r7000	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/mr60	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/rax45	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/ms60	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/rax35v2	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/rax41	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/rax40v2	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/rax50	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/r6700v3	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
www.netgear.com/support/product/raxe500	a2826606-91e7-4eb6-899e-8484bd4575d5	www.netgear.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

Vendor Comments And Credit

Discovery Credit

CNA: pjqwudi (en)

Additional Advisory Data

Solutions

CNA: NETGEAR strongly recommends that you install the latest firmware as soon as possible. Issue fixed in: ProductFixed VersionEX3700 V1.0.0.100 https://www.netgear.com/support/product/ex3700/ EX3800* V1.0.0.100 https://www.netgear.com/support/product/ex3800/ EX6120 V1.0.0.72 https://www.netgear.com/support/product/ex6120/ EX6130 V1.0.0.54 https://www.netgear.com/support/product/ex6130/ MR60V1.1.7.132MR70V1.0.3.28MR80V1.1.7.14MS60V1.1.7.132MS70V1.0.3.28MS80V1.1.7.14R6400v2*V1.0.4.128R6700v3*V1.0.4.128R6900P*V1.3.3.152R7000*V1.0.11.216R7000P*V1.3.3.152R7960P*V1.4.4.92R8000P*V1.4.4.92R8500*EoSRAX20* V1.0.18.144 https://www.netgear.com/support/product/rax20/ RAX35v2V1.0.12.118RAX40v2V1.0.12.118RAX41*V1.0.12.118RAX42*V1.0.12.118RAX43*V1.0.12.120RAX45*V1.0.12.118RAX48V1.0.12.118RAX50V1.0.12.120RAX50SV1.0.12.120RAXE450V1.0.10.86RAXE500V1.0.10.86XR1000V1.0.0.68 * Model has reached its End-of-Support phase and no future security updates are planned. NETGEAR strongly recommends that you retire this device and upgrade to a newer NETGEAR product for continued security support.

There are currently no legacy QID mappings associated with this CVE.