Vulnerability Details CVE-2026-0416
An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router software or functionality.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 8.3%
CVSS Severity
CVSS v3 Score 4.5
References
Products affected by CVE-2026-0416
-
cpe:2.3:h:netgear:raxe450:-
-
cpe:2.3:h:netgear:raxe500:-
-
cpe:2.3:o:netgear:raxe450_firmware:-
-
cpe:2.3:o:netgear:raxe450_firmware:1.0.1.52
-
cpe:2.3:o:netgear:raxe450_firmware:1.0.10.86
-
cpe:2.3:o:netgear:raxe450_firmware:1.0.11.94
-
cpe:2.3:o:netgear:raxe450_firmware:1.0.12.96
-
cpe:2.3:o:netgear:raxe450_firmware:1.0.17.142
-
cpe:2.3:o:netgear:raxe450_firmware:1.0.5.62
-
cpe:2.3:o:netgear:raxe450_firmware:1.0.6.64
-
cpe:2.3:o:netgear:raxe450_firmware:1.0.7.68
-
cpe:2.3:o:netgear:raxe450_firmware:1.0.8.70
-
cpe:2.3:o:netgear:raxe450_firmware:1.0.9.78
-
cpe:2.3:o:netgear:raxe450_firmware:1.2.13.100
-
cpe:2.3:o:netgear:raxe500_firmware:-
-
cpe:2.3:o:netgear:raxe500_firmware:1.0.0.48
-
cpe:2.3:o:netgear:raxe500_firmware:1.0.1.52
-
cpe:2.3:o:netgear:raxe500_firmware:1.0.10.82
-
cpe:2.3:o:netgear:raxe500_firmware:1.0.10.86
-
cpe:2.3:o:netgear:raxe500_firmware:1.0.11.94
-
cpe:2.3:o:netgear:raxe500_firmware:1.0.12.96
-
cpe:2.3:o:netgear:raxe500_firmware:1.0.5.62
-
cpe:2.3:o:netgear:raxe500_firmware:1.0.6.64
-
cpe:2.3:o:netgear:raxe500_firmware:1.0.7.68
-
cpe:2.3:o:netgear:raxe500_firmware:1.0.8.70
-
cpe:2.3:o:netgear:raxe500_firmware:1.0.9.78
-
cpe:2.3:o:netgear:raxe500_firmware:1.2.13.100