CVE-2026-0410
Analyzed Analyzed - Analysis Complete

Authenticated Privilege Escalation in Router via Local Network

Publication date: 2026-06-09

Last updated on: 2026-06-18

Assigner: Netgear, Inc.

Description
Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-09
Last Modified
2026-06-18
Generated
2026-06-30
AI Q&A
2026-06-09
EPSS Evaluated
2026-06-28
NVD
CVE-2026-0410
EUVD
EUVD-2026-35452

Affected Vendors & Products

Showing 19 associated CPEs
Vendor Product Version / Range
netgear r7000_firmware to 1.0.11.216 (exc)
netgear rax20_firmware to 1.0.18.144 (exc)
netgear rax35v2_firmware to 1.0.16.132 (exc)
netgear rax41_firmware to 1.0.16.132 (exc)
netgear rax41v2_firmware to 1.1.4.28 (exc)
netgear rax42_firmware to 1.0.16.132 (exc)
netgear rax42v2_firmware to 1.1.4.28 (exc)
netgear rax43_firmware to 1.0.16.132 (exc)
netgear rax43v2_firmware to 1.1.4.28 (exc)
netgear rax45_firmware to 1.0.16.132 (exc)
netgear rax49s_firmware to 1.1.4.28 (exc)
netgear rax50_firmware to 1.0.16.132 (exc)
netgear rax50s_firmware to 1.0.16.132 (exc)
netgear rax50v2_firmware to 1.1.4.28 (exc)
netgear rax54sv2_firmware to 1.1.4.28 (exc)
netgear raxe450_firmware to 1.2.14.114 (exc)
netgear raxe500_firmware to 1.2.14.114 (exc)
netgear xr1000_firmware to 1.1.0.22 (exc)
netgear xr1000v2_firmware to 1.1.0.22 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability allows authenticated administrators who are connected to the local network to gain elevated access to the router.

With this elevated access, they can make unauthorized changes to the router's software and functionality.

Impact Analysis

The vulnerability can impact you by allowing an authenticated administrator on your local network to escalate their privileges on the router.

This could lead to unauthorized modifications of the router's software and functionality, potentially compromising network security and stability.

Compliance Impact

The vulnerability allows authenticated administrators on the local network to gain elevated access to the router and make unauthorized changes to its software and functionality.

Such unauthorized access and changes could potentially lead to compromised network security and data integrity, which may impact compliance with standards and regulations like GDPR and HIPAA that require protection of sensitive data and secure network environments.

However, the provided information does not explicitly state the direct effects on compliance with these regulations.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-0410. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart