CVE-2026-9212
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: Netgear, Inc.

Description
Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting product's confidentiality or change certain configurations.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-09
Last Modified
2026-06-09
Generated
2026-06-10
AI Q&A
2026-06-09
EPSS Evaluated
N/A
NVD
CVE-2026-9212
EUVD
EUVD-2026-35466
Affected Vendors & Products
Showing 20 associated CPEs
Vendor Product Version / Range
netgear rbs40 *
netgear r9000 *
netgear rbs50 *
netgear lbr1020 *
netgear rbr10 *
netgear xr450 *
netgear xr500 *
netgear rbr40 *
netgear rax36s *
netgear lbr20 *
netgear r6700ax *
netgear rbr50 *
netgear rbs20 *
netgear rax120 *
netgear rbr20 *
netgear rbs10 *
netgear rax70 *
netgear r7800 *
netgear rax10 *
netgear rax78 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves insufficient authentication and input validation in certain NETGEAR models. It allows users who are connected to the local network to execute commands that can affect the confidentiality of the product or change some of its configurations.

Impact Analysis

The vulnerability can impact you by allowing unauthorized users on your local network to execute commands that may compromise the confidentiality of your device or alter its configurations. This could lead to unauthorized access to sensitive information or changes in device behavior that may affect network security.

Compliance Impact

The vulnerability involves insufficient authentication and input validation allowing local network users to execute commands that impact the product's confidentiality or change configurations.

Such a vulnerability could potentially affect compliance with standards and regulations like GDPR or HIPAA, which require protection of confidentiality and integrity of data and systems.

However, the provided information does not explicitly describe the impact on compliance with these or other common standards and regulations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-9212. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart