← Back

CVE-2026-0403

nvd nist
Published: Jan 13, 2026Modified: Feb 20, 2026

JSON object

Loading...
1.1
Vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
Show more
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:AmberShow less
Source: a2826606-91e7-4eb6-899e-8484bd4575d5 (Secondary)

Description

An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections.

Affected (10)

Netgear
10 products
Rbe971 Firmware
Rbe970 Firmware
Rbr750 Firmware
Rbr850 Firmware
Rbr860 Firmware
Rbs750 Firmware
Rbs850 Firmware
Rbs860 Firmware
Rbre960 Firmware
Rbse960 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbe971 Firmware
Before 9.10.0.2
Running on/withPlatform Versions
Netgear
Rbe971
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbe970 Firmware
Before 9.10.0.2
Running on/withPlatform Versions
Netgear
Rbe970
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbr750 Firmware
Before 7.2.8.5
Running on/withPlatform Versions
Netgear
Rbr750
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbr850 Firmware
Before 7.2.8.5
Running on/withPlatform Versions
Netgear
Rbr850
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbr860 Firmware
Before 7.2.8.5
Running on/withPlatform Versions
Netgear
Rbr860
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbs750 Firmware
Before 7.2.8.5
Running on/withPlatform Versions
Netgear
Rbs750
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbs850 Firmware
Before 7.2.8.5
Running on/withPlatform Versions
Netgear
Rbs850
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbs860 Firmware
Before 7.2.8.5
Running on/withPlatform Versions
Netgear
Rbs860
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbre960 Firmware
Before 7.2.8.5
Running on/withPlatform Versions
Netgear
Rbre960
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbse960 Firmware
Before 7.2.8.5
Running on/withPlatform Versions
Netgear
Rbse960
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (11)

Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchVendor Advisory
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct

Timeline

No history available yet.