Description
A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet, to execute code on the device.
Published: 2026-06-09
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the firmware of certain NETGEAR gaming routers allows adversaries who can intercept and tamper with traffic flowing between the router and the Internet to trigger code execution on the device. Because input validation is insufficient, malformed packets crafted by an attacker can be processed by the router in a way that causes it to run arbitrary code or commands with the privileges the device normally holds. A compromised router may no longer enforce network protections, which can lead to broader loss of control over the network.

Affected Systems

The vulnerability affects NETGEAR MR70, MS70, RAXE500, and XR1000 gaming routers. Devices running firmware versions earlier than MR70 V1.0.4.48, MS70 V1.0.4.48, RAXE500 V1.2.14.114, or XR1000 V1.0.2.86 are vulnerable. Updated firmware is available from the NETGEAR support pages linked in the advisory.

Risk and Exploitability

The CVSS base score of 6.9 indicates medium severity. The EPSS score of 0.00227 (0.227%) shows a very low but non‑zero probability of exploitation, and the vulnerability is not listed in CISA’s KEV catalog, so public exploitation remains unlikely. Based on the description, it is inferred that the attack requires the attacker to intercept and tamper with traffic between the router and the upstream Internet interface, indicating a network‑oriented vector such as a compromised ISP line or local device. If such conditions exist, the attacker can inject malformed packets that trigger the code‑execution path.

Generated by OpenCVE AI on June 11, 2026 at 07:52 UTC.

Remediation

Vendor Solution

Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest.

Fixed in (product, fixed version, support page):

  • MR70 Nighthawk Mesh WiFi 6 Router: V1.0.4.48, https://www.netgear.com/support/product/mr70/
  • MS70 Nighthawk Mesh WiFi 6 Add-on Satellite: V1.0.4.48, https://www.netgear.com/support/product/ms70/
  • RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router: V1.2.14.114, https://www.netgear.com/support/product/raxe500/
  • XR1000 Nighthawk WiFi 6 Pro Gaming Router: V1.0.2.86, https://www.netgear.com/support/product/xr1000/


OpenCVE Recommended Actions

  • Install the official firmware update for the affected router model as supplied by NETGEAR; see the support URLs for the specific fixed revisions.
  • Ensure automatic updates are enabled so that future patches flow to the device without manual intervention.
  • If upgrading firmware is temporarily impractical, isolate the router’s upstream interface by enforcing strict ingress filtering or by placing the device behind a firewall that blocks untrusted traffic, which reduces an attacker’s ability to tamper with traffic between the router and the Internet.

Advisories

No advisories yet.

History

Thu, 11 Jun 2026 06:45:00 +0000

Type: Description
Values Removed: A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper traffic between the router and the Internet, to execute code on the device.
Values Added: A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet, to execute code on the device.

Wed, 10 Jun 2026 16:00:00 +0000

Type Values Removed Values Added
References

Tue, 09 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Netgear
Netgear mr70
Netgear ms70
Netgear raxe500
Netgear xr1000
Vendors & Products Netgear
Netgear mr70
Netgear ms70
Netgear raxe500
Netgear xr1000

Tue, 09 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 09 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
Description A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper traffic between the router and the Internet, to execute code on the device.
Title Insufficient input validation in certain NETGEAR routers
Weaknesses CWE-20
References
Metrics cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U'}


MITRE

Status: PUBLISHED

Assigner: NETGEAR

Published:

Updated: 2026-06-11T05:15:19.347Z

Reserved: 2026-05-21T17:29:06.017Z

Link: CVE-2026-9213

Vulnrichment

Updated: 2026-06-09T17:34:39.677Z

NVD

Status: Awaiting Analysis

Published: 2026-06-09T17:17:51.733

Modified: 2026-06-11T07:16:29.033

Link: CVE-2026-9213

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-11T08:00:15Z

Weaknesses
  • CWE-20: Improper Input Validation