← back
CVE-2026-0410

Insufficient input validation in certain NETGEAR routers

CVSS 1.9 LOWEPSS 0.2%CWE-20
Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality.
CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber
Affected products
NETGEAR · R7000NETGEAR · RAX20NETGEAR · RAX35v2NETGEAR · RAX41NETGEAR · RAX41v2NETGEAR · RAX42NETGEAR · RAX42v2NETGEAR · RAX43NETGEAR · RAX43v2NETGEAR · RAX45NETGEAR · RAX49SNETGEAR · RAX50NETGEAR · RAX50SNETGEAR · RAX50v2NETGEAR · RAX54Sv2NETGEAR · RAX54v2NETGEAR · RAXE450NETGEAR · RAXE500NETGEAR · XR1000NETGEAR · XR1000v2

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisoryhttps://www.netgear.com/support/product/r7000/https://www.netgear.com/support/product/rax20/https://www.netgear.com/support/product/rax35v2/https://www.netgear.com/support/product/rax41/https://www.netgear.com/support/product/rax41v2/https://www.netgear.com/support/product/rax42/https://www.netgear.com/support/product/rax42v2/https://www.netgear.com/support/product/rax43/https://www.netgear.com/support/product/rax43v2/https://www.netgear.com/support/product/rax45/https://www.netgear.com/support/product/rax49s/