NETGEAR Gaming Router RCE via Traffic Interception
CVE-2026-9213 Published on June 9, 2026

Insufficient input validation in certain NETGEAR routers
A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet, to execute code on the device.

Vendor Advisory NVD

Weakness Type

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Products Associated with CVE-2026-9213

Want to know whenever a new CVE is published for Netgear Raxe500? stack.watch will email you.

Netgear Raxe500

Affected Versions

NETGEAR MR70:

Before V1.0.4.48 is affected.

NETGEAR MS70:

Before V1.0.4.48 is affected.

NETGEAR RAXE500:

Before V1.2.14.114 is affected.

NETGEAR XR1000:

Before V1.0.2.86 is affected.

NETGEAR Gaming Router RCE via Traffic InterceptionCVE-2026-9213 Published on June 9, 2026

Weakness Type

Improper Input Validation

Products Associated with CVE-2026-9213

Affected Versions

NETGEAR Gaming Router RCE via Traffic Interception
CVE-2026-9213 Published on June 9, 2026