Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-0415
PUBLISHED
More InfoOfficial Page
Assigner-NETGEAR
Assigner Org ID-a2826606-91e7-4eb6-899e-8484bd4575d5
View Known Exploited Vulnerability (KEV) details
Published At-09 Jun, 2026 | 15:50
Updated At-10 Jun, 2026 | 12:55
Rejected At-
▼CVE Numbering Authority (CNA)
Insufficient input validation vulnerability in certain Orbi routers

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

Affected Products
Vendor
NETGEAR, Inc.NETGEAR
Product
RBE970
Default Status
unaffected
Versions
Affected
  • From 0 before V9.12.4.9 (custom)
Vendor
NETGEAR, Inc.NETGEAR
Product
RBR750
Default Status
unaffected
Versions
Affected
  • From 0 before V7.2.8.5 (custom)
Vendor
NETGEAR, Inc.NETGEAR
Product
RBR840
Default Status
unaffected
Versions
Affected
  • From 0 before V7.2.8.5 (custom)
Vendor
NETGEAR, Inc.NETGEAR
Product
RBR850
Default Status
unaffected
Versions
Affected
  • From 0 before V7.2.8.5 (custom)
Vendor
NETGEAR, Inc.NETGEAR
Product
RBR860
Default Status
unaffected
Versions
Affected
  • From 0 before V7.2.8.5 (custom)
Vendor
NETGEAR, Inc.NETGEAR
Product
RBRE950
Default Status
unaffected
Versions
Affected
  • From 0 before V7.2.8.5 (custom)
Vendor
NETGEAR, Inc.NETGEAR
Product
RBRE960
Default Status
unaffected
Versions
Affected
  • From 0 before V7.2.8.5 (custom)
Vendor
NETGEAR, Inc.NETGEAR
Product
RBS750
Default Status
unaffected
Versions
Affected
  • From 0 before V7.2.8.5 (custom)
Vendor
NETGEAR, Inc.NETGEAR
Product
RBS840
Default Status
unaffected
Versions
Affected
  • From 0 before V7.2.8.5 (custom)
Vendor
NETGEAR, Inc.NETGEAR
Product
RBS850
Default Status
unaffected
Versions
Affected
  • From 0 before V7.2.8.5 (custom)
Vendor
NETGEAR, Inc.NETGEAR
Product
RBS860
Default Status
unaffected
Versions
Affected
  • From 0 before V7.2.8.5 (custom)
Vendor
NETGEAR, Inc.NETGEAR
Product
RBSE950
Default Status
unaffected
Versions
Affected
  • From 0 before V7.2.8.5 (custom)
Vendor
NETGEAR, Inc.NETGEAR
Product
RBSE960
Default Status
unaffected
Versions
Affected
  • From 0 before V7.2.8.5 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Insufficient input validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Insufficient input validation
Metrics
VersionBase scoreBase severityVector
4.04.3MEDIUM
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U
Version: 4.0
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-248CAPEC-248 Command Injection
CAPEC ID: CAPEC-248
Description: CAPEC-248 Command Injection
Solutions

Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in: ProductFixed VersionRBE970 Orbi Quad-band Mesh WiFi 7 Add-on Satellite V9.12.4.9 https://www.netgear.com/support/product/rbe970/ RBR750 Orbi WiFi 6 Router AX4200 V7.2.8.5 https://www.netgear.com/support/product/rbr750/ RBR840 (EoS) Orbi WiFi 6 System AX5700 V7.2.8.5 https://www.netgear.com/support/product/rbr840/ RBR850 Orbi WiFi 6 Router AX6000 V7.2.8.5 https://www.netgear.com/support/product/rbr850/ RBR860 Orbi Tri-band Mesh WiFi 6 Router – 860 Series V7.2.8.5 https://www.netgear.com/support/product/rbr860/ RBRE950 Orbi Quad-band Mesh WiFi 6E Router V7.2.8.5 https://www.netgear.com/support/product/rbre950/ RBRE960 Orbi Quad-band Mesh WiFi 6E Router V7.2.8.5 https://www.netgear.com/support/product/rbre960/ RBS750 Orbi WiFi 6 Add-on Satellite AX4200 V7.2.8.5 https://www.netgear.com/support/product/rbs750/ RBS840 (EoS) Orbi WiFi 6 Add-on Satellite AX5700 V7.2.8.5 https://www.netgear.com/support/product/rbs840/ RBS850 Orbi WiFi 6 Satellite AX6000 V7.2.8.5 https://www.netgear.com/support/product/rbs850/ RBS860 Orbi Tri-band Mesh WiFi 6 Add-on Satellite – 860 Series V7.2.8.5 https://www.netgear.com/support/product/rbs860/ RBSE950 Orbi Quad-band Mesh WiFi 6E Add-on Satellite V7.2.8.5 https://www.netgear.com/support/product/rbse950/ RBSE960 Orbi Quad-band Mesh WiFi 6E Add-on Satellite V7.2.8.5 https://www.netgear.com/support/product/rbse960/ Models marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.

Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.netgear.com/support/product/rbe970/
product
patch
https://www.netgear.com/support/product/rbre950/
product
patch
https://www.netgear.com/support/product/rbr850/
product
patch
https://www.netgear.com/support/product/rbs840/
product
patch
https://www.netgear.com/support/product/rbr750/
product
patch
https://www.netgear.com/support/product/rbs750/
product
patch
https://www.netgear.com/support/product/rbr840/
product
patch
https://www.netgear.com/support/product/rbr860/
product
patch
https://www.netgear.com/support/product/rbre960/
product
patch
https://www.netgear.com/support/product/rbs850/
product
patch
https://www.netgear.com/support/product/rbs860/
product
patch
https://www.netgear.com/support/product/rbse950/
product
patch
https://www.netgear.com/support/product/rbse960/
product
patch
https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory
vendor-advisory
Hyperlink: https://www.netgear.com/support/product/rbe970/
Resource:
product
patch
Hyperlink: https://www.netgear.com/support/product/rbre950/
Resource:
product
patch
Hyperlink: https://www.netgear.com/support/product/rbr850/
Resource:
product
patch
Hyperlink: https://www.netgear.com/support/product/rbs840/
Resource:
product
patch
Hyperlink: https://www.netgear.com/support/product/rbr750/
Resource:
product
patch
Hyperlink: https://www.netgear.com/support/product/rbs750/
Resource:
product
patch
Hyperlink: https://www.netgear.com/support/product/rbr840/
Resource:
product
patch
Hyperlink: https://www.netgear.com/support/product/rbr860/
Resource:
product
patch
Hyperlink: https://www.netgear.com/support/product/rbre960/
Resource:
product
patch
Hyperlink: https://www.netgear.com/support/product/rbs850/
Resource:
product
patch
Hyperlink: https://www.netgear.com/support/product/rbs860/
Resource:
product
patch
Hyperlink: https://www.netgear.com/support/product/rbse950/
Resource:
product
patch
Hyperlink: https://www.netgear.com/support/product/rbse960/
Resource:
product
patch
Hyperlink: https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found