CVE-2026-0413

A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

CVSS

No CVSS.

References

Link	Resource
https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory
https://www.netgear.com/support/product/rbe372/
https://www.netgear.com/support/product/rbe770/
https://www.netgear.com/support/product/rbr750/
https://www.netgear.com/support/product/rbr840/
https://www.netgear.com/support/product/rbr850/
https://www.netgear.com/support/product/rbr860/
https://www.netgear.com/support/product/rbre950/
https://www.netgear.com/support/product/rbre960/
https://www.netgear.com/support/product/rbs750/
https://www.netgear.com/support/product/rbs840/
https://www.netgear.com/support/product/rbs850/
https://www.netgear.com/support/product/rbs860/
https://www.netgear.com/support/product/rbse950/
https://www.netgear.com/support/product/rbse960/

Configurations

No configuration.

History

11 Jun 2026, 07:16

Type	Values Removed	Values Added
Summary	(en) Insufficient input validation of buffers vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.	(en) A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

10 Jun 2026, 14:16

Type	Values Removed	Values Added
References		() https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory -

09 Jun 2026, 17:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-06-09 17:16

Updated : 2026-06-11 07:16

NVD link : CVE-2026-0413

Mitre link : CVE-2026-0413

CVE.ORG link : CVE-2026-0413

JSON object : View

Products Affected

No product.

CWE

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2026-0413", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 4.3, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "UNREPORTED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-06-09T17:16:58.777", "references": [{"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbe372/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbe770/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbr750/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbr840/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbr850/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbr860/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbre950/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbre960/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbs750/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbs840/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbs850/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbs860/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbse950/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}, {"url": "https://www.netgear.com/support/product/rbse960/", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "a2826606-91e7-4eb6-899e-8484bd4575d5", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability due to insufficient input validation\u00a0in the\u00a0listed NETGEAR models allows\u00a0authenticated administrators connected to the local network to make unauthorized modification of router software and functionality."}], "lastModified": "2026-06-11T07:16:26.160", "sourceIdentifier": "a2826606-91e7-4eb6-899e-8484bd4575d5"}