Vulnerability-Lookup

GHSA-JX2Q-67WH-XH52

Vulnerability from github – Published: 2026-06-09 18:31 – Updated: 2026-06-11 09:31

Details

A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper traffic between the router and the Internet, to execute code on the device.

Severity

6.9 (Medium)


                  
                    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-9213"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-09T17:17:51Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in\u00a0the affected\u00a0NETGEAR gaming routers allows\u00a0attackers with\u00a0the ability to intercept and tamper traffic between\u00a0the router and the Internet, to execute code on the device.",
  "id": "GHSA-jx2q-67wh-xh52",
  "modified": "2026-06-11T09:31:55Z",
  "published": "2026-06-09T18:31:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9213"
    },
    {
      "type": "WEB",
      "url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/mr70"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/ms70"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/raxe500"
    },
    {
      "type": "WEB",
      "url": "https://www.netgear.com/support/product/xr1000"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

CVE-2026-9213 (GCVE-0-2026-9213)

Vulnerability from cvelistv5 – Published: 2026-06-09 15:50 – Updated: 2026-06-11 05:15

Title

Insufficient input validation in certain NETGEAR routers

Summary

A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet, to execute code on the device.

Severity

6.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-20 - Insufficient input validation

Assigner

NETGEAR

References

5 references

URL	Tags
https://www.netgear.com/support/product/mr70/	productpatch
https://www.netgear.com/support/product/ms70/	productpatch
https://www.netgear.com/support/product/raxe500/	productpatch
https://www.netgear.com/support/product/xr1000/	productpatch
https://kb.netgear.com/000070811/June-2026-NETGEA…	vendor-advisory

Impacted products

4 products

Vendor	Product	Version
NETGEAR	MR70	Affected: 0 , < V1.0.4.48 (custom)
NETGEAR	MS70	Affected: 0 , < V1.0.4.48 (custom)
NETGEAR	RAXE500	Affected: 0 , < V1.2.14.114 (custom)
NETGEAR	XR1000	Affected: 0 , < V1.0.2.86 (custom)

Date Public

2026-06-09 00:00

Credits

fluorescent

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-9213",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-09T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-10T03:59:25.150Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MR70",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "V1.0.4.48",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS70",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "V1.0.4.48",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RAXE500",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "V1.2.14.114",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "XR1000",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "V1.0.2.86",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "fluorescent"
        }
      ],
      "datePublic": "2026-06-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003cspan\u003eA vulnerability in\u003c/span\u003e\u003cspan\u003e\u0026nbsp;the affected\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNETGEAR gaming routers allows\u003c/span\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003eattackers with\u003c/span\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003ethe ability to intercept and tamper with traffic between\u003c/span\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003ethe router and the I\u003c/span\u003e\u003cspan\u003enternet, to execute code on the device.\u003c/span\u003e\u003c/p\u003e"
            }
          ],
          "value": "A vulnerability in\u00a0the affected\u00a0NETGEAR gaming routers allows\u00a0attackers with\u00a0the ability to intercept and tamper with traffic between\u00a0the router and the Internet, to execute code on the device."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-248",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-248 Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Insufficient input validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-11T05:15:19.347Z",
        "orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
        "shortName": "NETGEAR"
      },
      "references": [
        {
          "tags": [
            "product",
            "patch"
          ],
          "url": "https://www.netgear.com/support/product/mr70/"
        },
        {
          "tags": [
            "product",
            "patch"
          ],
          "url": "https://www.netgear.com/support/product/ms70/"
        },
        {
          "tags": [
            "product",
            "patch"
          ],
          "url": "https://www.netgear.com/support/product/raxe500/"
        },
        {
          "tags": [
            "product",
            "patch"
          ],
          "url": "https://www.netgear.com/support/product/xr1000/"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMR70\u003c/b\u003e Nighthawk Mesh WiFi 6 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/mr70/\"\u003eV1.0.4.48\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eMS70\u003c/b\u003e Nighthawk Mesh WiFi 6 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/ms70/\"\u003eV1.0.4.48\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRAXE500\u003c/b\u003e Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/raxe500/\"\u003eV1.2.14.114\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eXR1000\u003c/b\u003e Nighthawk WiFi 6 Pro Gaming Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/xr1000/\"\u003eV1.0.2.86\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
            }
          ],
          "value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionMR70 Nighthawk Mesh WiFi 6 Router V1.0.4.48 https://www.netgear.com/support/product/mr70/ MS70 Nighthawk Mesh WiFi 6 Add-on Satellite V1.0.4.48 https://www.netgear.com/support/product/ms70/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.2.14.114 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.0.2.86 https://www.netgear.com/support/product/xr1000/"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Insufficient input validation in certain NETGEAR routers",
      "x_generator": {
        "engine": "Vulnogram 1.0.3"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
    "assignerShortName": "NETGEAR",
    "cveId": "CVE-2026-9213",
    "datePublished": "2026-06-09T15:50:46.744Z",
    "dateReserved": "2026-05-21T17:29:06.017Z",
    "dateUpdated": "2026-06-11T05:15:19.347Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-JX2Q-67WH-XH52

CVE-2026-9213 (GCVE-0-2026-9213)

Tags

Sightings

Nomenclature