CVE-2026-9212
Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute comma...
Published: 2026-06-09 · Last updated: 2026-06-09
Severity and scoring
- CWE
- CWE-20, CWE-306
Description
Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting product's confidentiality or change certain configurations.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-9212
- [Other]https://www.netgear.com/support/product/lbr1020/
- [Other]https://www.netgear.com/support/product/lbr20/
- [Other]https://www.netgear.com/support/product/r6700ax/
- [Other]https://www.netgear.com/support/product/r7800/
- [Other]https://www.netgear.com/support/product/r9000/
- [Other]https://www.netgear.com/support/product/rax10/
- [Other]https://www.netgear.com/support/product/rax120/
- [Other]https://www.netgear.com/support/product/rax120v2/
- [Other]https://www.netgear.com/support/product/rax36s/
- [Other]https://www.netgear.com/support/product/rax70/
- [Other]https://www.netgear.com/support/product/rax78/
- [Other]https://www.netgear.com/support/product/rbr10/
- [Other]https://www.netgear.com/support/product/rbr20/
- [Other]https://www.netgear.com/support/product/rbr350/
- [Other]https://www.netgear.com/support/product/rbr40/
- [Other]https://www.netgear.com/support/product/rbr50/
- [Other]https://www.netgear.com/support/product/rbs10/
- [Other]https://www.netgear.com/support/product/rbs20/
- [Other]https://www.netgear.com/support/product/rbs350/
- [Other]https://www.netgear.com/support/product/rbs40/
- [Other]https://www.netgear.com/support/product/rbs50/
- [Other]https://www.netgear.com/support/product/xr450/
- [Other]https://www.netgear.com/support/product/xr500/
Related CVEs
Same CWE
- CVE-2026-45329 — ESF-IDF is the Espressif Internet of Things (IOT) Development Framework (7.1 HIGH)
- CVE-2026-45328 — ESF-IDF is the Espressif Internet of Things (IOT) Development Framework (9.3 CRITICAL)
- CVE-2026-41727 — Spring Kafka's retry topic infrastructure did not sufficiently validate user-controlled header values before acting on them (6.5 MEDIUM)
- CVE-2026-47903 — CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability (6.2 MEDIUM)
- CVE-2026-34712 — CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability (7.5 HIGH)