CVE-2026-0403

Published Jan 13, 2026

Last updated 2 months ago

CVSS low 1.1

Netgear

Overview

Description: An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections.
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
NVD status: Analyzed
Products: rbe971_firmware, rbe970_firmware, rbr750_firmware, rbr850_firmware, rbr860_firmware, rbs750_firmware, rbs850_firmware, rbs860_firmware, rbre960_firmware, rbse960_firmware

Risk scores

CVSS 4.0

Type: Secondary
Base score: 1.1
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
Severity: LOW

CVSS 3.1

Type: Primary
Base score: 8
Impact score: 5.9
Exploitability score: 2.1
Vector string: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

a2826606-91e7-4eb6-899e-8484bd4575d5: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbe971_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "EDAED6D8-B0E2-45A0-A817-84112A556728",
            "versionEndExcluding": "9.10.0.2",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbe971:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "C3080999-19F9-4651-80F3-A6461C27E489",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbe970_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "04268C8F-D8F6-46A9-8006-8FEED3ABF440",
            "versionEndExcluding": "9.10.0.2",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbe970:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "DE1F3088-9598-4EB5-A8A0-E0D4E529CB12",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "0D73C133-BD68-4532-B267-61796ECB1A07",
            "versionEndExcluding": "7.2.8.5",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "C13F5C69-FA9B-472A-9036-0C2967BDCDE9",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "7E5B3B94-CC3D-4CFC-9FE2-9EF5CEBD4B1A",
            "versionEndExcluding": "7.2.8.5",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "D92E4C8E-222A-476C-8273-F7171FC61F0B",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbr860_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "659D5BE0-C045-48FD-9214-B35D408AF0BA",
            "versionEndExcluding": "7.2.8.5",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbr860:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "928FC2C1-4D05-495B-ACD8-1D013EB18EE6",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "0821D003-6E44-46DB-B3D1-2CA553483036",
            "versionEndExcluding": "7.2.8.5",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "B529194C-C440-4BC3-850F-0613FC548F86",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "79468E3C-C58C-4076-BB85-4C331BCC300C",
            "versionEndExcluding": "7.2.8.5",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "221CA950-E984-44CD-9E1B-3AADE3CEBE52",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbs860_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "4D8CED97-AA9C-4655-B521-319021F1F9DB",
            "versionEndExcluding": "7.2.8.5",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbs860:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "E6630553-D726-4524-8BD2-3EE839DE6676",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbre960_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "C22E56DA-E0B9-4A24-B818-F7919B8CDB5C",
            "versionEndExcluding": "7.2.8.5",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbre960:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "314FF95E-5A0C-4A6B-B8D6-28546F2C1A12",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbse960_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "19048F97-E226-4287-A206-9006F7B91E21",
            "versionEndExcluding": "7.2.8.5",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbse960:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "419AF785-61C6-4911-A170-6A06D7991948",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 4.0

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References