← volver
CVE-2026-62656

Post-authenticated command injection vulnerability found in certain NETGEAR RAX models

CVSS 5.4 MEDIUMCWE-20
Vexday Risk Score
10Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.4EPSS KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
14 jul 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A security flaw was found in certain NETGEAR RAX models that could allow a logged-in user to send specially crafted requests to the router and run unauthorized commands. This could enable the user to make unauthorized changes to the router and affect its security and operation.
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P