Description
A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet to execute code on the device.
Published: 2026-06-09
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the firmware of certain NETGEAR gaming routers permits adversaries who can intercept and modify the data flowing between the router and the Internet to run arbitrary code on the device. The insufficient input validation makes it straightforward for an attacker who can tamper with upstream traffic to cause the router to execute commands, potentially compromising network control and exposing connected devices. Code runs with the privileges under which the router itself operates, which effectively removes its ability to enforce network security.

Affected Systems

The vulnerability affects NETGEAR MR70, MS70, RAXE500, and XR1000 gaming routers. Devices running firmware versions earlier than MR70 V1.0.4.48, MS70 V1.0.4.48, RAXE500 V1.2.14.114, or XR1000 V1.0.2.86 are vulnerable. Updated firmware is available from the NETGEAR support pages linked in the advisory.

Risk and Exploitability

The CVSS base score of 6.9 indicates medium severity. No EPSS score is provided, and the weakness is not listed in CISA’s KEV catalog, so the public exploitation likelihood is uncertain. The attack requires an actor who can intercept and tamper with traffic between the router and the upstream Internet interface, suggesting a network‑oriented attacker, possibly at the ISP line or a compromised local device. If such conditions are met, the attacker can inject malformed packets that trigger the code‑execution path.

Generated by OpenCVE AI on June 9, 2026 at 17:43 UTC.

Remediation

Vendor Solution

If automatic updates are enabled, your device may already have this security update applied. If not, please check the firmware version and install the latest update.

Fixed in (product, fixed version, support page):

  • MR70: V1.0.4.48, https://www.netgear.com/support/product/mr70/
  • MS70: V1.0.4.48, https://www.netgear.com/support/product/ms70/
  • RAXE500: V1.2.14.114, https://www.netgear.com/support/product/raxe500/
  • XR1000: V1.0.2.86, https://www.netgear.com/support/product/xr1000/


OpenCVE Recommended Actions

  • Install the official firmware update for the affected router model as supplied by NETGEAR; see the support URLs for the specific fixed revisions.
  • Ensure automatic updates are enabled so that future patches flow to the device without manual intervention.
  • If upgrading firmware is temporarily impractical, isolate the router’s upstream interface by enforcing strict ingress filtering or placing the device behind a firewall that blocks untrusted traffic to mitigate the ability to tamper with traffic between the router and the Internet.

Generated by OpenCVE AI on June 9, 2026 at 17:43 UTC.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 20:45:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Netgear; Netgear mr70; Netgear ms70; Netgear raxe500; Netgear xr1000

Type: Vendors & Products
Values Removed: (none)
Values Added: Netgear; Netgear mr70; Netgear ms70; Netgear raxe500; Netgear xr1000

Tue, 09 Jun 2026 19:30:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 09 Jun 2026 16:30:00 +0000

Values added in this change (no values removed):

Description: A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet to execute code on the device.
Title: Insufficient input validation in certain NETGEAR routers
Weaknesses: CWE-20
References
Metrics: cvssV4_0 {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U'}


MITRE

Status: PUBLISHED

Assigner: NETGEAR

Published:

Updated: 2026-06-09T18:40:02.890Z

Reserved: 2026-05-21T17:29:06.017Z

Link: CVE-2026-9213

Vulnrichment

Updated: 2026-06-09T17:34:39.677Z

NVD

Status: Awaiting Analysis

Published: 2026-06-09T17:17:51.733

Modified: 2026-06-09T19:38:32.463

Link: CVE-2026-9213

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-09T20:20:28Z

Weaknesses