CVE-2026-0418
4.3
Vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:D/RE:L/U:AmberShow more
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:D/RE:L/U:AmberShow less
Source: a2826606-91e7-4eb6-899e-8484bd4575d5 (Secondary)
Description
Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network
to tamper with the system.
Affected (35)
Products: Netgear: Cbr750 Firmware, Ex6120 Firmware, Ex6130 Firmware, Mr60 Firmware, Mr70 Firmware, Mr80 Firmware, Ms60 Firmware, Ms70 Firmware, Ms80 Firmware, Rax15 Firmware, Rax20 Firmware, Rax200 Firmware, Rax35v2 Firmware, Rax38v2 Firmware, Rax40v2 Firmware, Rax42 Firmware, Rax43 Firmware, Rax45 Firmware, Rax48 Firmware, Rax50 Firmware, Rax50s Firmware, Rax75 Firmware, Rax80 Firmware, Raxe450 Firmware, Raxe500 Firmware, Rbr750 Firmware, Rbr840 Firmware, Rbr850 Firmware, Rbre960 Firmware, Rbs750 Firmware, Rbs840 Firmware, Rbs850 Firmware, Rbse960 Firmware, Rs700 Firmware, Xr1000 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.6.14.4 |
| Running on/with | Platform Versions |
|---|---|
Netgear Cbr750 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex6120 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex6130 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.7.128 |
| Running on/with | Platform Versions |
|---|---|
Netgear Mr60 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.28 |
| Running on/with | Platform Versions |
|---|---|
Netgear Mr70 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.7.6 |
| Running on/with | Platform Versions |
|---|---|
Netgear Mr80 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.7.128 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ms60 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.28 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ms70 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.7.6 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ms80 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax15 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax20 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax200 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.11.112 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax35v2 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.11.112 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax38v2 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.11.112 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax40v2 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.11.112 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax42 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.11.112 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax43 | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.11.112 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax45 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.11.112 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax48 | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.11.112 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax50 | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.11.112 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax50s | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax75 | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax80 | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.10.86 |
| Running on/with | Platform Versions |
|---|---|
Netgear Raxe450 | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.10.86 |
| Running on/with | Platform Versions |
|---|---|
Netgear Raxe500 | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.6.14.3 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbr750 | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.6.14.3 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbr840 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.6.14.3 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbr850 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 6.3.7.5 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbre960 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.6.14.3 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbs750 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.6.14.3 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbs840 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.6.14.3 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbs850 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 6.3.7.5 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbse960 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.7.66 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rs700 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.68 |
| Running on/with | Platform Versions |
|---|---|
Netgear Xr1000 | All versions |
Related CWEs
CWE-15
External Control of System or Configuration Setting
One or more system settings or configuration elements can be externally controlled by a user.
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.
References (36)
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
Vendor Advisory
Timeline
No history available yet.