Description
A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
Published: 2026-06-09
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a stack‑based buffer overflow caused by insufficient input validation in the firmware of certain NETGEAR Nighthawk routers. An attacker who has authenticated administrative access on the local network can exploit this flaw by sending crafted data that overflows a buffer, enabling unauthorized modification of router software or configuration. The result is a loss of integrity for the device’s software and settings, potentially compromising its routing and security functions.

Affected Systems

The affected devices are NETGEAR Nighthawk routers with the following model identifiers: RBE370, RBE770, RBR750, RBR840, RBR850, RBR860, RBRE950, RBRE960, RBS750, RBS840, RBS850, RBS860, RBSE950, and RBSE960. Firmware versions prior to the fixed releases identified in the vendor advisory are vulnerable. The fixed firmware versions are V12.1.2.1 for RBE370, V10.5.20.10 for RBE770, and V7.2.8.5 for all other listed models. Models RBR840 and RBS840 have reached End‑of‑Support and will not receive future security updates; NETGEAR recommends retiring those devices.

Risk and Exploitability

The CVSS 4.0 base score of 4.3 (Medium) indicates a low‑to‑moderate severity, and the EPSS score of less than 1% suggests a very low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires adjacent‑network access with authenticated administrative privileges (CVSS vector AV:A, PR:H), so the attack vector is limited to individuals who can already reach the router management interface. Despite the modest severity, an attacker who succeeds can alter core router functions, potentially disrupting network operation or enabling further compromise of connected devices.

Generated by OpenCVE AI on June 11, 2026 at 08:20 UTC.

Remediation

Vendor Solution

Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:

  • RBE370 Orbi Dual-band Mesh WiFi 7 Add-on Satellite: V12.1.2.1 (https://www.netgear.com/support/product/rbe370/)
  • RBE770 Orbi Tri-band Mesh WiFi 7 Add-on Satellite: V10.5.20.10 (https://www.netgear.com/support/product/rbe770/)
  • RBR750 Orbi WiFi 6 Router AX4200: V7.2.8.5 (https://www.netgear.com/support/product/rbr750/)
  • RBR840 (EoS) Orbi WiFi 6 System AX5700: V7.2.8.5 (https://www.netgear.com/support/product/rbr840/)
  • RBR850 Orbi WiFi 6 Router AX6000: V7.2.8.5 (https://www.netgear.com/support/product/rbr850/)
  • RBR860 Orbi Tri-band Mesh WiFi 6 Router, 860 Series: V7.2.8.5 (https://www.netgear.com/support/product/rbr860/)
  • RBRE950 Orbi Quad-band Mesh WiFi 6E Router: V7.2.8.5 (https://www.netgear.com/support/product/rbre950/)
  • RBRE960 Orbi Quad-band Mesh WiFi 6E Router: V7.2.8.5 (https://www.netgear.com/support/product/rbre960/)
  • RBS750 Orbi WiFi 6 Add-on Satellite AX4200: V7.2.8.5 (https://www.netgear.com/support/product/rbs750/)
  • RBS840 (EoS) Orbi WiFi 6 Add-on Satellite AX5700: V7.2.8.5 (https://www.netgear.com/support/product/rbs840/)
  • RBS850 Orbi WiFi 6 Satellite AX6000: V7.2.8.5 (https://www.netgear.com/support/product/rbs850/)
  • RBS860 Orbi Tri-band Mesh WiFi 6 Add-on Satellite, 860 Series: V7.2.8.5 (https://www.netgear.com/support/product/rbs860/)
  • RBSE950 Orbi Quad-band Mesh WiFi 6E Add-on Satellite: V7.2.8.5 (https://www.netgear.com/support/product/rbse950/)
  • RBSE960 Orbi Quad-band Mesh WiFi 6E Add-on Satellite: V7.2.8.5 (https://www.netgear.com/support/product/rbse960/)

Models marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.


OpenCVE Recommended Actions

  • Upgrade all affected routers to the fixed firmware releases: set RBE370 to V12.1.2.1, RBE770 to V10.5.20.10, and all other listed models to V7.2.8.5 or newer.
  • For end‑of‑support models that cannot receive updates (RBR840 and RBS840), retire the devices and replace them with a newer NETGEAR product.
  • Enable automatic firmware updates on all routers so that future patches are applied with minimal intervention.
  • Restrict local network access to the router’s administrative interface by enforcing strong, unique passwords and limiting which devices can connect to the management portal.
  • Monitor router logs for any unexpected configuration changes or anomalous traffic patterns that might indicate an attacker’s activity.

Generated by OpenCVE AI on June 11, 2026 at 08:20 UTC.

Advisories

No advisories yet.

History

Thu, 11 Jun 2026 06:45:00 +0000

Description
  Removed: Insufficient input validation of buffers vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
  Added: A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

Wed, 10 Jun 2026 13:30:00 +0000

References
  (no values shown)

Tue, 09 Jun 2026 20:45:00 +0000

First Time appeared
  Added: Netgear, Netgear rbe37x, Netgear rbe77x, Netgear rbr750, Netgear rbr840, Netgear rbr850, Netgear rbr860, Netgear rbre950, Netgear rbre960, Netgear rbs750, Netgear rbs840, Netgear rbs850, Netgear rbs860, Netgear rbse950, Netgear rbse960
Vendors & Products
  Added: Netgear, Netgear rbe37x, Netgear rbe77x, Netgear rbr750, Netgear rbr840, Netgear rbr850, Netgear rbr860, Netgear rbre950, Netgear rbre960, Netgear rbs750, Netgear rbs840, Netgear rbs850, Netgear rbs860, Netgear rbse950, Netgear rbse960

Tue, 09 Jun 2026 17:30:00 +0000

Metrics
  Added (ssvc): {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 09 Jun 2026 16:30:00 +0000

Description
  Added: Insufficient input validation of buffers vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
Title
  Added: Buffer overflow vulnerability in certain NETGEAR Nighthawk routers
Weaknesses
  Added: CWE-121
References
  (no values shown)
Metrics
  Added (cvssV4_0): {'score': 4.3, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U'}


MITRE

Status: PUBLISHED

Assigner: NETGEAR

Published:

Updated: 2026-06-11T15:26:11.850Z

Reserved: 2025-12-03T04:16:20.202Z

Link: CVE-2026-0413

Vulnrichment

Updated: 2026-06-09T17:06:13.557Z

NVD

Status: Awaiting Analysis

Published: 2026-06-09T17:16:58.777

Modified: 2026-06-11T07:16:26.160

Link: CVE-2026-0413

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-11T08:30:06Z

Weaknesses
  • CWE-121: Stack-based Buffer Overflow