CVE-2026-0406

Medium CVSS: 6.1

An insufficient input validation vulnerability in the NETGEAR XR1000v2
allows attackers connected to the router's LAN to execute OS command
injections.

Vendor

Netgear

Product

Xr1000v2 Firmware

CWE

CWE-20

Yayın Tarihi

2026-01-13 16:16:10

Güncelleme

2026-02-20 19:42:29

Source Identifier

a2826606-91e7-4eb6-899e-8484bd4575d5

KEV Date Added

Kategoriler

CWE-20 Xr1000v2 Firmware MEDIUM Netgear 2026

Referanslar

https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory https://www.netgear.com/support/product/xr1000v2

Benzer Kayıtlar

High

CVE-2022-40620

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS ce…

High

CVE-2022-40619

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the L…

Medium

CVE-2026-0408

A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the…

Low

CVE-2026-0403

An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN t…

Medium

CVE-2026-0404

An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent at…

Medium

CVE-2026-0405

An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access th…