Description
An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.
Published: 2026-06-09
Score: 5.2 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability permits an unauthenticated user on the local network to take control of the router, enabling them to modify any configuration or settings. The weakness arises from insufficient input validation (CWE‑20). Gaining such control can compromise network confidentiality, integrity, and availability.

Affected Systems

The affected devices are NETGEAR routers built on the CAX30, RAX30, RAX5, and RAXE300 platforms. Vulnerable versions include CAX30 firmware up to V2.2.1.4, RAX30 firmware up to V1.0.10.94, RAX5 firmware up to V1.0.5.34, and RAXE300 firmware up to V1.0.10.72. Firmware versions beyond those listed contain the fix.

Risk and Exploitability

The CVSS score of 5.2 places the vulnerability in the moderate severity range. Although the official EPSS score is not available, the lack of external exploitation data suggests lower likelihood of public exploit, yet local attackers present a realistic threat. The vulnerability is not yet in the KEV catalog. An attacker on the LAN can send malicious commands to the router without authentication, potentially enabling network disruption or eavesdropping.

Generated by OpenCVE AI on June 9, 2026 at 17:42 UTC.

Remediation

Vendor Solution

NETGEAR strongly recommends that you install the latest firmware as soon as possible. Issue fixed in: ProductFixed VersionCAX30V2.2.1.4RAX30V1.0.10.94RAX5 V1.0.5.34 https://www.netgear.com/support/product/rax5/ RAXE300 V1.0.10.72 https://www.netgear.com/support/product/raxe300/

OpenCVE Recommended Actions

  • Upgrade the router firmware to the latest version that includes the fix (e.g., CAX30 V2.2.1.4, RAX30 V1.0.10.94, RAX5 V1.0.5.34, or RAXE300 V1.0.10.72).
  • Change the router’s administrator password from the default to a strong, unique credential.
  • Disable or restrict remote management features and limit local network access to the router to trusted devices.

Generated by OpenCVE AI on June 9, 2026 at 17:42 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Netgear
Netgear cax30
Netgear rax30
Netgear rax5
Netgear raxe300
Vendors & Products Netgear
Netgear cax30
Netgear rax30
Netgear rax5
Netgear raxe300

Tue, 09 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 09 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
Description An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.
Title Certain NETGEAR routers allow unauthenticated users to gain control of the router
Weaknesses CWE-20
References
Metrics cvssV4_0

{'score': 5.2, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber'}

Subscriptions

Netgear Cax30 Rax30 Rax5 Raxe300
cve-icon MITRE

Status: PUBLISHED

Assigner: NETGEAR

Published:

Updated: 2026-06-09T18:39:44.643Z

Reserved: 2026-05-21T17:29:03.440Z

Link: CVE-2026-9211

cve-icon Vulnrichment

Updated: 2026-06-09T17:38:40.223Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-09T17:17:51.380

Modified: 2026-06-09T19:38:32.463

Link: CVE-2026-9211

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T20:20:25Z

Weaknesses