NETGEAR Router Input Validation Flaw Allows Admin RCE (CVE-2026-0414)
CVE-2026-0414 Published on June 9, 2026

Arbitrary Code Execution vulnerability exists in RBE970
Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

NVD

Weakness Type

What is a Code Injection Vulnerability?

The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

CVE-2026-0414 has been classified to as a Code Injection vulnerability or weakness.

Affected Versions

NETGEAR RBE97x:

Before V9.12.4.9 is affected.

NETGEAR Router Input Validation Flaw Allows Admin RCE (CVE-2026-0414)CVE-2026-0414 Published on June 9, 2026

Weakness Type

What is a Code Injection Vulnerability?

Affected Versions

NETGEAR Router Input Validation Flaw Allows Admin RCE (CVE-2026-0414)
CVE-2026-0414 Published on June 9, 2026