Description
A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices before V12.1.2.7.
Published: 2026-06-09
Score: 4.8 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A buffer‑overflow flaw (CWE‑119) in Netgear Orbi 370 series routers allows an attacker who can intercept and modify traffic between the router and the Internet to execute commands on the device when the local administrator performs specific management actions. The vulnerability enables the attacker to gain administrative control, modify configuration, install malware, or disrupt network operations.

Affected Systems

Devices in the Orbi 370 series – models RBE370, RBE371, RBE372, and RBE374 – running firmware versions earlier than V12.1.2.7 are affected.

Risk and Exploitability

The base CVSS score of 4.8 indicates moderate severity, and the EPSS score is unavailable, so the likelihood of exploitation is unknown. The flaw is not listed in the CISA KEV catalog. Exploitation requires the attacker to have the ability to tamper with traffic between the router and the Internet and to trigger management actions on the device, making widespread exploitation less likely. However, a successful exploit would provide full administrative authority over the router.

Generated by OpenCVE AI on June 9, 2026 at 17:51 UTC.

Remediation

Vendor Solution

NETGEAR strongly recommends that you install the latest firmware as soon as possible. Issue fixed in: ProductFixed VersionNETGEAR Orbi 370 series (RBE370, RBE371, RBE372, RBE374)  V12.1.2.7 https://www.netgear.com/support/product/rbe372/

OpenCVE Recommended Actions

  • Update the router firmware to version V12.1.2.7 or later as released by Netgear
  • Disable remote management or restrict it to a secure local network to reduce the attack surface
  • Perform firmware updates over a trusted network and monitor for unexpected traffic patterns that may indicate tampering

Generated by OpenCVE AI on June 9, 2026 at 17:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Netgear
Netgear orbi 370
Vendors & Products Netgear
Netgear orbi 370

Tue, 09 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
Description A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices before V12.1.2.7.
Title Netgear Orbi 370 Series Remote Code Execution vulnerability
Weaknesses CWE-119
References
Metrics cvssV4_0

{'score': 4.8, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U'}

Subscriptions

Netgear Orbi 370
cve-icon MITRE

Status: PUBLISHED

Assigner: NETGEAR

Published:

Updated: 2026-06-09T15:39:09.050Z

Reserved: 2025-12-03T04:16:16.081Z

Link: CVE-2026-0409

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-09T17:16:58.060

Modified: 2026-06-09T19:38:32.463

Link: CVE-2026-0409

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T20:20:29Z

Weaknesses