Description
Insufficient input validation of buffers vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
Published: 2026-06-09
Score: 4.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a classic stack-based buffer overflow that arises from insufficient input validation in the router firmware. An attacker who is an authenticated administrator on the local network can send crafted data that overflows a buffer, allowing the attacker to modify configuration settings or inject malicious code. This abuse of administrative privileges undermines the integrity of the router and can lead to loss of control over routing and security functions.

Affected Systems

The vulnerable devices are a range of NETGEAR Nighthawk routers, including models RBE37X, RBE77X, RBR750, RBR840, RBR850, RBR860, RBRE950, RBRE960, RBS750, RBS840, RBS850, RBS860, RBSE950, and RBSE960. Firmware versions prior to the fixed releases listed in the vendor advisory are affected. The fixed firmware versions are V12.1.2.1 for RBE37X, V10.5.20.10 for RBE77X, and V7.2.8.5 for all other listed models. Models that have reached End‑of‑Support cannot receive security updates, and the vendor recommends retiring them for continued protection.

Risk and Exploitability

The CVSS score is 4.3, indicating low to moderate severity. No EPSS score is published, and the vulnerability is not in the CISA KEV catalog. Because exploitation requires an authenticated administrator on the local network, the attack vector is likely limited to local intruders. Nonetheless, the flaw permits modification of core router functions, potentially compromising data confidentiality, integrity, or availability if a privileged local attacker succeeds.

Generated by OpenCVE AI on June 9, 2026 at 17:51 UTC.

Remediation

Vendor Solution

NETGEAR strongly recommends that you install the latest firmware as soon as possible.  Issue fixed in: ProductFixed VersionRBE37X V12.1.2.1 https://www.netgear.com/support/product/rbe372/ RBE77X V10.5.20.10 https://www.netgear.com/support/product/rbe770/ RBR750 V7.2.8.5 https://www.netgear.com/support/product/rbr750/ RBR840* V7.2.8.5 https://www.netgear.com/support/product/rbr840/ RBR850 V7.2.8.5 https://www.netgear.com/support/product/rbr850/ RBR860 V7.2.8.5 https://www.netgear.com/support/product/rbr860/ RBRE950 V7.2.8.5 https://www.netgear.com/support/product/rbre950/ RBRE960 V7.2.8.5 https://www.netgear.com/support/product/rbre960/ RBS750 V7.2.8.5 https://www.netgear.com/support/product/rbs750/ RBS840* V7.2.8.5 https://www.netgear.com/support/product/rbs840/ RBS850 V7.2.8.5 https://www.netgear.com/support/product/rbs850/ RBS860 V7.2.8.5 https://www.netgear.com/support/product/rbs860/ RBSE950 V7.2.8.5 https://www.netgear.com/support/product/rbse950/ RBSE960 V7.2.8.5 https://www.netgear.com/support/product/rbse960/ * Model has reached its End-of-Support phase and no future security updates are planned. NETGEAR strongly recommends that you retire this device and upgrade to a newer NETGEAR product for continued security support.

OpenCVE Recommended Actions

  • Upgrade all affected routers to the firmware release listed: RBE37X to V12.1.2.1, RBE77X to V10.5.20.10, and RBR750, RBR840, RBR850, RBR860, RBRE950, RBRE960, RBS750, RBS840, RBS850, RBS860, RBSE950, and RBSE960 to V7.2.8.5 or newer.
  • For end‑of‑support models that cannot receive updates, retire the device and replace it with a current NETGEAR product.
  • Limit local network access to the router administration interface by ensuring only trusted devices can connect and enforcing strong, unique passwords for the administrative interface.
  • Monitor router logs for unexpected configuration changes or anomalous traffic patterns.

Generated by OpenCVE AI on June 9, 2026 at 17:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Netgear
Netgear rbe37x
Netgear rbe77x
Netgear rbr750
Netgear rbr840
Netgear rbr850
Netgear rbr860
Netgear rbre950
Netgear rbre960
Netgear rbs750
Netgear rbs840
Netgear rbs850
Netgear rbs860
Netgear rbse950
Netgear rbse960
Vendors & Products Netgear
Netgear rbe37x
Netgear rbe77x
Netgear rbr750
Netgear rbr840
Netgear rbr850
Netgear rbr860
Netgear rbre950
Netgear rbre960
Netgear rbs750
Netgear rbs840
Netgear rbs850
Netgear rbs860
Netgear rbse950
Netgear rbse960

Tue, 09 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 09 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
Description Insufficient input validation of buffers vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
Title Buffer overflow vulnerability in certain NETGEAR Nighthawk routers
Weaknesses CWE-121
References
Metrics cvssV4_0

{'score': 4.3, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U'}

Subscriptions

Netgear Rbe37x Rbe77x Rbr750 Rbr840 Rbr850 Rbr860 Rbre950 Rbre960 Rbs750 Rbs840 Rbs850 Rbs860 Rbse950 Rbse960
cve-icon MITRE

Status: PUBLISHED

Assigner: NETGEAR

Published:

Updated: 2026-06-09T17:06:42.150Z

Reserved: 2025-12-03T04:16:20.202Z

Link: CVE-2026-0413

cve-icon Vulnrichment

Updated: 2026-06-09T17:06:13.557Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-09T17:16:58.777

Modified: 2026-06-09T19:38:32.463

Link: CVE-2026-0413

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T20:20:19Z

Weaknesses