Netgear Router Admin Auth Escalation via Local Net
CVE-2026-0410 Published on June 9, 2026

Insufficient input validation in certain NETGEAR routers
Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality.

NVD

Weakness Type

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Affected Versions

NETGEAR R7000:

Before V1.0.11.216 is affected.

NETGEAR RAX20:

Before V1.0.18.144 is affected.

NETGEAR RAX35v2:

Before V1.0.16.132 is affected.

NETGEAR RAX41:

Before V1.0.16.132 is affected.

NETGEAR RAX41v2:

Before V1.1.4.28 is affected.

NETGEAR RAX42:

Before V1.0.16.132 is affected.

NETGEAR RAX42v2:

Before V1.1.4.28 is affected.

NETGEAR RAX43:

Before V1.0.16.132 is affected.

NETGEAR RAX43v2:

Before V1.1.4.28 is affected.

NETGEAR RAX45:

Before V1.0.16.132 is affected.

NETGEAR RAX49S:

Before V1.1.4.28 is affected.

NETGEAR RAX50:

Before V1.0.16.132 is affected.

NETGEAR RAX50S:

Before V1.0.16.132 is affected.

NETGEAR RAX50v2:

Before V1.1.4.28 is affected.

NETGEAR RAX54Sv2:

Before V1.1.4.28 is affected.

NETGEAR RAX54v2:

Before V1.1.4.28 is affected.

NETGEAR RAXE450:

Before V1.2.14.114 is affected.

NETGEAR RAXE500:

Before V1.2.14.114 is affected.

NETGEAR XR1000:

Before V1.1.0.22 is affected.

NETGEAR XR1000v2:

Before V1.1.0.22 is affected.

Netgear Router Admin Auth Escalation via Local NetCVE-2026-0410 Published on June 9, 2026

Weakness Type

Improper Input Validation

Affected Versions

Netgear Router Admin Auth Escalation via Local Net
CVE-2026-0410 Published on June 9, 2026