NETGEAR Gaming Router RCE via Traffic Interception
CVE-2026-9213 Published on June 9, 2026

Insufficient input validation in certain NETGEAR routers
A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet, to execute code on the device.

Vendor Advisory NVD

Weakness Type

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.


Products Associated with CVE-2026-9213

Want to know whenever a new CVE is published for Netgear Raxe500? stack.watch will email you.

 

Affected Versions

NETGEAR MR70: NETGEAR MS70: NETGEAR RAXE500: NETGEAR XR1000:

Exploit Probability

EPSS
0.40%
Percentile
31.40%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.