CVE-2026-0412
Awaiting Analysis Awaiting Analysis - Queue
Insufficient Input Validation in NETGEAR JR6150 Router

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: Netgear, Inc.

Description
Insufficient input validation vulnerability in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in 2018 and is no longer receiving security updates. NETGEAR strongly recommends replacing these devices with newer NETGEAR models to ensure continued security support and updates. This vulnerability has been identified through firmware emulation in a controlled research environment and has not been verified on production hardware.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-09
Last Modified
2026-06-09
Generated
2026-06-10
AI Q&A
2026-06-09
EPSS Evaluated
N/A
NVD
CVE-2026-0412
EUVD
EUVD-2026-35453
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
netgear jr6150 to 2018 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an insufficient input validation issue in the NETGEAR JR6150 router. It allows administrators who are connected to the local network to make unauthorized modifications to the router's software and functionality.

The vulnerability was identified through firmware emulation in a controlled research environment and has not been verified on production hardware.

The affected device, NETGEAR JR6150, reached End-of-Support status in 2018 and no longer receives security updates.

Impact Analysis

If exploited, this vulnerability could allow an administrator on the local network to make unauthorized changes to the router's software and functionality.

Such unauthorized modifications could potentially compromise the security and operation of the router, leading to network disruptions or further security risks.

Since the device is no longer supported or receiving security updates, these risks cannot be mitigated through patches.

Mitigation Strategies

The NETGEAR JR6150 router has reached End-of-Support status and is no longer receiving security updates.

NETGEAR strongly recommends replacing these devices with newer NETGEAR models to ensure continued security support and updates.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-0412. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart