Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
CVSS Score
4.3
EPSS Score
0.003
Published
2026-06-09
Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network
to tamper with the system.
CVSS Score
4.3
EPSS Score
0.003
Published
2026-06-09
A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
CVSS Score
4.3
EPSS Score
0.003
Published
2026-06-09
An insufficient input validation vulnerability in NETGEAR Orbi routers
allows attackers connected to the router's LAN to execute OS command
injections.
CVSS Score
1.1
EPSS Score
0.003
Published
2026-01-13
An insufficient input validation vulnerability in NETGEAR Orbi devices'
DHCPv6 functionality allows network adjacent attackers authenticated
over WiFi or on LAN to execute OS command injections on the router.
DHCPv6 is not enabled by default.
CVSS Score
4.8
EPSS Score
0.011
Published
2026-01-13
An authentication bypass vulnerability in NETGEAR Orbi devices allows
users connected to the local network to access the router web interface
as an admin.
CVSS Score
6.1
EPSS Score
0.003
Published
2026-01-13
A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVSS Score
9.1
EPSS Score
0.028
Published
2023-03-21
A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.
CVSS Score
7.2
EPSS Score
0.021
Published
2023-03-21
A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information.
CVSS Score
6.5
EPSS Score
0.006
Published
2023-03-21
A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. A specially-crafted JSON object can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this vulnerability.
CVSS Score
7.2
EPSS Score
0.02
Published
2023-03-21
Page 1