NETGEAR 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に パス処理の欠陥 and vendor risk csrf などに関し、一部は ファイル上書き を招き、vendor surface production workloads and vendor surface software deployment 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2022-40620 | FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. An attacker (suitably positioned on the network) could intercept the update request and deliver a malicious update package in order to gain arbitrary code execution on affected devices. This affects R6230 before 1.1.0.112, R6260 before 1.1.0.88, R7000 before 1.0.11.134, R8900 before 1.0.5.42, R9000 b | [email protected] | 7.7 | 0.27% | 2026-01-28 | 2026-03-09 |
| CVE-2022-40619 | FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsq_access_token parameter. This affects R6230 before 1.1.0.112, R6260 before 1.1.0.88, R7000 before 1.0.11.134, R8900 before 1.0.5.42, R9000 before 1.0.5.42, and XR300 before 1.0.3.72 and Orbi RBR20 before 2.7.2.26, RBR50 before 2.7.4.26, RBS20 before 2. | [email protected] | 7.7 | 2.23% | 2026-01-28 | 2026-03-09 |
| CVE-2026-0408 | A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI. | a2826606-91e7-4eb6-899e-8484bd4575d5 | 6.1 | 0.23% | 2026-01-13 | 2026-02-20 |
| CVE-2026-0407 | An insufficient authentication vulnerability in NETGEAR WiFi range extenders allows a network adjacent attacker with WiFi authentication or a physical Ethernet port connection to bypass the authentication process and access the admin panel. | a2826606-91e7-4eb6-899e-8484bd4575d5 | 6.1 | 0.23% | 2026-01-13 | 2026-02-20 |
| CVE-2026-0406 | An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections. | a2826606-91e7-4eb6-899e-8484bd4575d5 | 6.1 | 0.22% | 2026-01-13 | 2026-02-20 |
| CVE-2026-0405 | An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin. | a2826606-91e7-4eb6-899e-8484bd4575d5 | 6.1 | 0.33% | 2026-01-13 | 2026-02-12 |
| CVE-2026-0404 | An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default. | a2826606-91e7-4eb6-899e-8484bd4575d5 | 4.8 | 1.06% | 2026-01-13 | 2026-02-12 |
| CVE-2026-0403 | An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections. | a2826606-91e7-4eb6-899e-8484bd4575d5 | 1.1 | 0.29% | 2026-01-13 | 2026-02-20 |
| CVE-2025-50526 | Netgear EX8000 V1.0.0.126 was discovered to contain a command injection vulnerability via the switch_status function. | [email protected] | 9.8 | 1.05% | 2025-12-23 | 2026-01-02 |
| CVE-2025-45493 | Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the iface parameter in the action_bandwidth function. | [email protected] | 6.5 | 0.78% | 2025-12-23 | 2026-01-05 |
| CVE-2025-12946 | A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RA | a2826606-91e7-4eb6-899e-8484bd4575d5 | 4.4 | 0.26% | 2025-12-09 | 2026-01-21 |
| CVE-2025-12945 | A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154. | a2826606-91e7-4eb6-899e-8484bd4575d5 | 1.1 | 1.61% | 2025-12-09 | 2026-01-16 |
| CVE-2025-12941 | Denial of Service Vulnerability in NETGEAR C6220 and C6230 (DOCSIS® 3.0 Two-in-one Cable Modem + WiFi Router) allows authenticated local WiFi users reboot the router. | a2826606-91e7-4eb6-899e-8484bd4575d5 | 5.0 | 0.17% | 2025-12-09 | 2026-01-16 |
| CVE-2025-12944 | Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potentially execute code on the device. Please check the firmware version and update to the latest. Fixed in: DGN2200v4 firmware 1.0.0.132 or later | a2826606-91e7-4eb6-899e-8484bd4575d5 | 6.8 | 0.23% | 2025-11-11 | 2025-12-08 |
| CVE-2025-12943 | Improper certificate validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band WiFi 6E Router) allows attackers with the ability to intercept and tamper traffic destined to the device to execute arbitrary commands on the device. Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update to the latest. Fixed in: RAX30 firmware 1.0.14.108 or | a2826606-91e7-4eb6-899e-8484bd4575d5 | 5.2 | 0.14% | 2025-11-11 | 2025-12-08 |
| CVE-2025-12942 | Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86. | a2826606-91e7-4eb6-899e-8484bd4575d5 | 4.8 | 0.27% | 2025-11-11 | 2025-12-08 |
| CVE-2025-12940 | Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR WAX610 and WAX610Y (AX1800 Dual Band PoE Multi-Gig Insight Managed WiFi 6 Access Points). An user having access to the syslog server can read the logs containing these credentials. This issue affects WAX610: before 10.8.11.4; WAX610Y: before 10.8.11.4. Devices managed with Insight get automatic updates. If not, please check the firmware version and update to the latest. Fixed in: WAX610 | a2826606-91e7-4eb6-899e-8484bd4575d5 | 0.5 | 0.24% | 2025-11-11 | 2025-12-08 |
| CVE-2013-10061 | An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication. | [email protected] | 8.6 | 4.39% | 2025-08-01 | 2025-09-23 |
| CVE-2013-10060 | An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored. | [email protected] | 9.4 | 4.55% | 2025-08-01 | 2025-09-23 |
| CVE-2025-44652 | In Netgear RAX30 V1.0.10.94_3, the USERLIMIT_GLOBAL option is set to 0 in multiple bftpd-related configuration files. This can cause DoS attacks when unlimited users are connected. | [email protected] | 7.5 | 0.51% | 2025-07-21 | 2026-01-02 |