CVE-2026-0420
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: Netgear, Inc.

Description
An improper implementation of TLS certificate validation vulnerability found in ReadyCloud client app which can allow an attacker to perform attacker-in-the-middle (MiTM) style attacks impacting product's confidentiality. This vulnerability affects the listed NETGEAR models.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-09
Last Modified
2026-06-09
Generated
2026-06-10
AI Q&A
2026-06-09
EPSS Evaluated
N/A
NVD
CVE-2026-0420
EUVD
EUVD-2026-35467
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
netgear rax38 *
netgear rax40 *
netgear rax120v2 *
netgear rax35 *
netgear readycloud *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-325 The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability involves improper TLS certificate validation in the ReadyCloud client app, which can allow attacker-in-the-middle (MiTM) attacks impacting confidentiality.

Such a confidentiality impact could potentially affect compliance with standards and regulations like GDPR and HIPAA that require protection of sensitive data in transit.

However, the provided information does not explicitly state the direct effects on compliance with these standards.

Executive Summary

This vulnerability is an improper implementation of TLS certificate validation in the ReadyCloud client app by NETGEAR. It allows an attacker to perform man-in-the-middle (MiTM) style attacks by exploiting the flawed certificate validation process.

Such an attack can intercept or alter communications between the client app and the server, potentially compromising the confidentiality of the data transmitted.

Impact Analysis

The vulnerability can impact you by allowing an attacker to intercept sensitive information exchanged between your ReadyCloud client app and the server.

This could lead to unauthorized access to confidential data, loss of privacy, and potential exposure of sensitive information.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-0420. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart