Description
Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box.
Published: 2026-01-30
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized Telnet activation allowing privileged access
Action: Patch Immediately
AI Analysis

Impact

Some end‑of‑service NETGEAR devices expose a TelnetEnable function that can be triggered by a specially crafted magic packet, turning on the telnet daemon without authentication. An attacker who can send such a packet can then obtain a shell on the device, potentially allowing arbitrary code execution. The flaw is classified as CWE‑1242 (Inclusion of Undocumented Features or Chicken Bits), here a feature that can be activated unintentionally.

Affected Systems

The vulnerability affects NETGEAR products that are no longer supported and no longer receive firmware updates. No specific versions are listed, so any end‑of‑life device still in use may be vulnerable.

Risk and Exploitability

The CVSS score of 8.7 indicates a high‑severity defect, while the EPSS of less than 1% suggests a low probability of exploitation at present. The CVE is not listed in the CISA KEV catalog, so no exploitation in the wild is known yet. The likely attack vector is network‑based: an attacker on the same network, or one who can route traffic to the device, must deliver the magic packet. Once activated, telnet typically runs with elevated privileges, so successful exploitation could lead to full system compromise.

Generated by OpenCVE AI on April 18, 2026 at 01:14 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update or vendor patch if available
  • Disable the telnet service through the device's configuration interface
  • Block or filter the magic packet traffic on the network or firewall
  • Consider replacing the end‑of‑life device with a supported model



Advisories

No advisories yet.

History

Sat, 18 Apr 2026 01:30:00 +0000

Type | Values Removed | Values Added
Title | | Unintended Telnet Activation via Magic Packet on End‑of‑Life NETGEAR Devices

Fri, 30 Jan 2026 18:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 30 Jan 2026 09:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Netgear; Netgear eos Products
Vendors & Products | | Netgear; Netgear eos Products

Fri, 30 Jan 2026 04:30:00 +0000

Type | Values Removed | Values Added
Description | | Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box.
Weaknesses | | CWE-1242
References | |
Metrics | | cvssV3_0: {'score': 7.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}; cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2026-01-30T17:59:45.410Z

Reserved: 2026-01-26T05:24:46.172Z

Link: CVE-2026-24714

Vulnrichment

Updated: 2026-01-30T17:59:36.107Z

NVD

Status: Deferred

Published: 2026-01-30T05:16:33.093

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-24714

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T01:15:05Z

Weaknesses