By vendor

Netgear vulnerabilities

Known CVEs affecting Netgear products, prioritized by severity, with SEC.co remediation and detection guidance.

13 published vulnerabilities

  • CVE-2026-0411HIGH 8.0

    A security flaw in NETGEAR Orbi mesh WiFi systems could let someone already on your network steal administrator credentials and take control of your router. The vulnerability affects specific satellite models in the RBR, RBE, and RBS product lines. Standalone Orbi systems without satellites are not at risk. An attacker with network access could escalate from regular user to full administrative control without needing to interact with the device itself.

  • CVE-2026-0419HIGH 8.0

    A flaw in NETGEAR's JR6150 AC750 WiFi router allows anyone connected to the local wireless network to run arbitrary operating system commands on the device. The vulnerability stems from inadequate checking of user input before executing system-level operations. Because this router model reached end-of-support in 2018, NETGEAR has stated no security patches will be released. The company recommends replacing affected devices with current models that receive ongoing security updates.

  • CVE-2026-3088MEDIUM 6.5

    A vulnerability in Netgear mesh router systems allows attackers on the local network to crash the router or knock it offline by sending specially designed requests. No password or authentication is required — the attacker simply needs network access. This is a denial-of-service flaw that can disrupt your home or office WiFi without leaving traditional evidence of intrusion.

  • CVE-2026-0409MEDIUM 6.4

    NETGEAR Orbi 370 series mesh routers contain a vulnerability that allows attackers to execute arbitrary commands on the device. An attacker must intercept and modify network traffic between the router and the Internet, then wait for the device administrator to perform specific management actions. The vulnerability affects Orbi 370, 371, 372, and 374 models running firmware versions prior to V12.1.2.7.

  • CVE-2026-0420MEDIUM 5.9

    NETGEAR's ReadyCloud client application contains a flaw in how it validates TLS certificates, the security handshakes that protect encrypted connections. An attacker positioned on the network path between a user and NETGEAR's servers could intercept and read sensitive data transmitted by the app—such as account credentials or cloud sync information—without being detected. The vulnerability requires specific network conditions to exploit but poses a real confidentiality risk for users relying on ReadyCloud for remote device management.

  • CVE-2026-0410MEDIUM 4.5

    CVE-2026-0410 is a privilege-escalation vulnerability affecting Netgear routers. An authenticated administrator already connected to the local network can exploit improper input validation to gain elevated access and modify router firmware and settings without authorization. The vulnerability requires the attacker to already have valid admin credentials and local network access, which limits the practical threat surface but poses significant risk in environments where router access controls are not tightly managed.

  • CVE-2026-0412MEDIUM 4.5

    A vulnerability in NETGEAR JR6150 routers allows someone with administrative access on the local network to modify the router's software and settings without proper authorization. The issue stems from inadequate validation of user input. This router model is quite old—released in 2014 and no longer supported by NETGEAR as of 2018—meaning no security patches will be issued. The vulnerability was discovered through controlled testing of the device's firmware in a lab environment, not on actual deployed hardware.

  • CVE-2026-0413MEDIUM 4.5

    A buffer overflow flaw in NETGEAR Orbi mesh router firmware allows authenticated administrators on the local network to modify router software and functionality without authorization. The vulnerability stems from insufficient input validation, meaning an admin account could inject malicious data that overwrites system memory. While exploitation requires valid administrative credentials and local network access, the ability to alter router firmware represents a serious integrity compromise.

  • CVE-2026-0414MEDIUM 4.5

    NETGEAR has a vulnerability in certain router models that allows authenticated administrators on the local network to bypass input validation controls and modify the router's software and core functionality without proper authorization checks. While the attacker must already have administrative credentials and be connected locally, the lack of proper validation on modification requests means an insider threat or compromised admin account could alter router behavior in ways the organization doesn't intend or expect.

  • CVE-2026-0415MEDIUM 4.5

    A validation flaw in NETGEAR Orbi and Nighthawk mesh router firmware allows authenticated administrators on the local network to modify router software and settings without proper authorization checks. While the attacker must already have admin credentials and network access, the insufficient input validation creates a pathway to alter router functionality in unintended ways. This is a medium-severity issue affecting a broad range of NETGEAR mesh and satellite models.

  • CVE-2026-0416MEDIUM 4.5

    NETGEAR has identified a vulnerability affecting their RAX Wi-Fi 6 router models (RAXE450 and RAXE500) in which an authenticated administrator on the local network can send specially crafted input through the management interface to bypass built-in security controls. This could allow the attacker to modify the router's protected software or core functionality without authorization. The flaw requires an admin account and physical/local network proximity, which constrains the attack surface but remains a concern in environments where multiple administrators manage network devices.

  • CVE-2026-0417MEDIUM 4.5

    NETGEAR has patched an input validation flaw affecting 21 router models. An authenticated administrator on the local network can send specially crafted requests to bypass validation checks and tamper with the router's core configuration or operation. The vulnerability requires administrator-level access and direct network connectivity, which limits the threat to insider risk or compromised admin accounts on the same network segment. The impact is integrity-focused—data confidentiality and system availability are not affected.

  • CVE-2026-0418MEDIUM 4.5

    CVE-2026-0418 is a configuration management weakness in Netgear networking devices that allows administrators already logged into the local network to make unauthorized changes to system settings. The vulnerability requires authentication and local network access, limiting its reach to internal threats or compromised admin accounts. Netgear has published this issue affecting routers, mesh systems, and cellular gateways across multiple product lines.