CVE-2026-3088
Analyzed Analyzed - Analysis Complete

Denial of Service in Router Firmware

Publication date: 2026-06-09

Last updated on: 2026-06-18

Assigner: Netgear, Inc.

Description
Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-09
Last Modified
2026-06-18
Generated
2026-06-30
AI Q&A
2026-06-09
EPSS Evaluated
2026-06-28
NVD
CVE-2026-3088
EUVD
EUVD-2026-35456

Affected Vendors & Products

Showing 8 associated CPEs
Vendor Product Version / Range
netgear rbe970_firmware to 9.10.1.4 (exc)
netgear rbe971_firmware to 9.10.1.4 (exc)
netgear rbr860_firmware to 7.2.7.15 (exc)
netgear rbre950_firmware to 7.2.7.15 (exc)
netgear rbre960_firmware to 7.2.7.15 (exc)
netgear rbs860_firmware to 7.2.7.15 (exc)
netgear rbse950_firmware to 7.2.7.15 (exc)
netgear rbse960_firmware to 7.2.7.15 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability allows unauthenticated users on the local network to cause a router to become unavailable by sending specially crafted requests.

Impact Analysis

The impact of this vulnerability is that an attacker on the local network can disrupt the availability of the router, potentially causing network outages or denial of service.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3088. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart