CVE-2022-40620

Published: Jan 28, 2026Modified: Mar 9, 2026

7.7

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

Exploitability: 2.2 / Impact: 5.5

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. An attacker (suitably positioned on the network) could intercept the update request and deliver a malicious update package in order to gain arbitrary code execution on affected devices. This affects R6230 before 1.1.0.112, R6260 before 1.1.0.88, R7000 before 1.0.11.134, R8900 before 1.0.5.42, R9000 before 1.0.5.42, and XR300 before 1.0.3.72 and Orbi RBR20 before 2.7.2.26, RBR50 before 2.7.4.26, RBS20 before 2.7.2.26, and RBS50 before 2.7.4.26.

Affected (10)

Products: Netgear: Rbr20 Firmware, R6230 Firmware, R6260 Firmware, R7000 Firmware, R8900 Firmware, R9000 Firmware, Rax120 Firmware, Rax120v2 Firmware, Xr300 Firmware, Rbs20 Firmware

10 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbr20 Firmware	Before 2.7.2.26

Running on/with	Platform Versions
Netgear Rbr20	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R6230 Firmware	Before 1.1.0.112

Running on/with	Platform Versions
Netgear R6230	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R6260 Firmware	Before 1.1.0.88

Running on/with	Platform Versions
Netgear R6260	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R7000 Firmware	Before 1.0.11.134

Running on/with	Platform Versions
Netgear R7000	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R8900 Firmware	Before 1.0.5.42

Running on/with	Platform Versions
Netgear R8900	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R9000 Firmware	Before 1.0.5.42

Running on/with	Platform Versions
Netgear R9000	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rax120 Firmware	Before 1.2.8.40

Running on/with	Platform Versions
Netgear Rax120	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rax120v2 Firmware	Before 1.2.8.40

Running on/with	Platform Versions
Netgear Rax120v2	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xr300 Firmware	Before 1.0.3.72

Running on/with	Platform Versions
Netgear Xr300	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs20 Firmware	Before 2.7.2.26

Running on/with	Platform Versions
Netgear Rbs20	All versions

Related CWEs

CWE-295

Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

References (2)

https://kb.netgear.com/000065132/Security-Advisory-for-Vulnerabilities-in-FunJSQ-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2022-0117

Source: cve@mitre.org

Vendor Advisory

https://www.onekey.com/resource/security-advisory-netgear-routers-funjsq-vulnerabilities

Source: cve@mitre.org

ExploitThird Party Advisory

Timeline

No history available yet.