INSUFFICIENT INPUT VALIDATION IN NETGEAR ROUTER ALLOWS AUTH ADM TAMPERING
CVE-2026-0417 Published on June 9, 2026
Insufficient input validation in certain NETGEAR routers
Insufficient input validation vulnerability in the listed NETGEAR devices allows
authenticated administrators connected to the local network to tamper with
the router's integrity.
Weakness Type
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Affected Versions
NETGEAR MR60:- Before V1.1.7.132 is affected.
- Before V1.0.3.28 is affected.
- Before V1.1.7.14 is affected.
- Before V1.1.7.132 is affected.
- Before V1.0.3.28 is affected.
- Before V1.1.7.14 is affected.
- Before V1.0.4.128 is affected.
- Before V1.0.4.128 is affected.
- Before V1.3.3.152 is affected.
- Before V1.0.11.216 is affected.
- Before V1.3.3.152 is affected.
- Before V1.4.4.92 is affected.
- Before V1.4.4.92 is affected.
- Before and including 1.0.2.160 is affected.
- Before V1.0.18.144 is affected.
- Before V1.0.16.132 is affected.
- Before V1.0.12.118 is affected.
- Before V1.0.12.118 is affected.
- Before V1.0.12.118 is affected.
- Before V1.0.12.120 is affected.
- Before V1.0.12.118 is affected.
- Before V1.0.12.118 is affected.
- Before V1.0.12.120 is affected.
- Before V1.0.12.120 is affected.
- Before V1.0.10.86 is affected.
- Before V1.0.10.86 is affected.
- Before V1.0.0.68 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.