{"api_version":"1","generated_at":"2026-06-10T13:41:23+00:00","cve":"CVE-2026-0409","urls":{"html":"https://cve.report/CVE-2026-0409","api":"https://cve.report/api/cve/CVE-2026-0409.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-0409","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-0409"},"summary":{"title":"Netgear Orbi 370 Series Remote Code Execution vulnerability","description":"A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices before V12.1.2.7.","state":"PUBLISHED","assigner":"NETGEAR","published_at":"2026-06-09 17:16:58","updated_at":"2026-06-10 12:16:24"},"problem_types":["CWE-119","CWE-119 CWE-119  Improper Restriction of Operations within the Bounds of a Memory Buffer"],"metrics":[{"version":"4.0","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","score":"4.8","severity":"MEDIUM","vector":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","data":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}},{"version":"4.0","source":"CNA","type":"CVSS","score":"4.8","severity":"MEDIUM","vector":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U","data":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"HIGH","attackRequirements":"PRESENT","attackVector":"NETWORK","baseScore":4.8,"baseSeverity":"MEDIUM","exploitMaturity":"UNREPORTED","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"ACTIVE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"}}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","name":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","refsource":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.netgear.com/support/product/rbe372/","name":"https://www.netgear.com/support/product/rbe372/","refsource":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-0409","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-0409","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"NETGEAR","product":"Orbi 370","version":"affected V12.1.2.7 custom","platforms":[]}],"timeline":[],"solutions":[{"source":"CNA","title":"","value":"NETGEAR strongly recommends that you install the\nlatest firmware as soon as possible.\n\n\n\nIssue fixed in:\n\nProductFixed VersionNETGEAR Orbi 370 series (RBE370, RBE371, RBE372, RBE374)  V12.1.2.7 https://www.netgear.com/support/product/rbe372/","time":"","lang":"en"}],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"ChinaNuke","lang":"en"}],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-0409","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-06-10T03:59:23.715804Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-06-10T10:33:54.075Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"Orbi 370","vendor":"NETGEAR","versions":[{"lessThan":"V12.1.2.7","status":"affected","version":"0","versionType":"custom"}]}],"credits":[{"lang":"en","type":"finder","value":"ChinaNuke"}],"datePublic":"2026-06-09T00:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A&nbsp;NETGEAR&nbsp;security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions.&nbsp;<span>This issue affects NETGEAR Orbi 370 series devices before V12.1.2.7.</span>"}],"value":"A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices before V12.1.2.7."}],"impacts":[{"capecId":"CAPEC-248","descriptions":[{"lang":"en","value":"CAPEC-248 Command Injection"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"HIGH","attackRequirements":"PRESENT","attackVector":"NETWORK","baseScore":4.8,"baseSeverity":"MEDIUM","exploitMaturity":"UNREPORTED","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"ACTIVE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-119","description":"CWE-119  Improper Restriction of Operations within the Bounds of a Memory Buffer","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-10T11:50:20.952Z","orgId":"a2826606-91e7-4eb6-899e-8484bd4575d5","shortName":"NETGEAR"},"references":[{"tags":["product","patch"],"url":"https://www.netgear.com/support/product/rbe372/"},{"tags":["vendor-advisory"],"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>NETGEAR strongly recommends that you install the\nlatest firmware as soon as possible.</p><p>Issue fixed in:</p><table><thead><tr><th>Product</th><th>Fixed Version</th></tr></thead><tbody><tr><td>NETGEAR Orbi 370 series (RBE370, RBE371, RBE372, RBE374)&nbsp;</td><td><a href=\"https://www.netgear.com/support/product/rbe372/\">V12.1.2.7</a></td></tr></tbody></table>"}],"value":"NETGEAR strongly recommends that you install the\nlatest firmware as soon as possible.\n\n\n\nIssue fixed in:\n\nProductFixed VersionNETGEAR Orbi 370 series (RBE370, RBE371, RBE372, RBE374)  V12.1.2.7 https://www.netgear.com/support/product/rbe372/"}],"source":{"discovery":"EXTERNAL"},"title":"Netgear Orbi 370 Series Remote Code Execution vulnerability","x_generator":{"engine":"Vulnogram 1.0.3"}}},"cveMetadata":{"assignerOrgId":"a2826606-91e7-4eb6-899e-8484bd4575d5","assignerShortName":"NETGEAR","cveId":"CVE-2026-0409","datePublished":"2026-06-09T15:39:09.050Z","dateReserved":"2025-12-03T04:16:16.081Z","dateUpdated":"2026-06-10T11:50:20.952Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-09 17:16:58","lastModifiedDate":"2026-06-10 12:16:24","problem_types":["CWE-119","CWE-119 CWE-119  Improper Restriction of Operations within the Bounds of a Memory Buffer"],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"409","Ordinal":"1","Title":"Netgear Orbi 370 Series Remote Code Execution vulnerability","CVE":"CVE-2026-0409","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"409","Ordinal":"1","NoteData":"A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices before V12.1.2.7.","Type":"Description","Title":"Netgear Orbi 370 Series Remote Code Execution vulnerability"}]}}}