4.5
MEDIUM CVSS 3.1
CVE-2026-0418
Certain NETGEAR devices allow administrators to tamper with system
Description

Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network to tamper with the system.

INFO

Published Date :

June 9, 2026, 5:16 p.m.

Last Modified :

June 10, 2026, 5:16 p.m.

Remotely Exploit :

No

Source :

a2826606-91e7-4eb6-899e-8484bd4575d5
Affected Products

The following products are affected by CVE-2026-0418 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Netgear rbr750_firmware
2 Netgear rbs750_firmware
3 Netgear rbr850_firmware
4 Netgear rbs850_firmware
5 Netgear mr60_firmware
6 Netgear ms60_firmware
7 Netgear rax15_firmware
8 Netgear rax20_firmware
9 Netgear rax200_firmware
10 Netgear rax45_firmware
11 Netgear rax50_firmware
12 Netgear rax75_firmware
13 Netgear rax80_firmware
14 Netgear rbr840_firmware
15 Netgear rbs840_firmware
16 Netgear ex6120_firmware
17 Netgear ex6130_firmware
18 Netgear mr80_firmware
19 Netgear ms80_firmware
20 Netgear rax42_firmware
21 Netgear rax43_firmware
22 Netgear rax48_firmware
23 Netgear rax50s_firmware
24 Netgear cbr750_firmware
25 Netgear xr1000_firmware
26 Netgear rbre960_firmware
27 Netgear rbse960_firmware
28 Netgear rax35v2_firmware
29 Netgear rax40v2_firmware
30 Netgear rax38v2_firmware
31 Netgear raxe450_firmware
32 Netgear raxe500_firmware
33 Netgear xr1000
34 Netgear ex6120
35 Netgear xr1000
36 Netgear ex6130
37 Netgear rbr750
38 Netgear rbs750
39 Netgear rbr850
40 Netgear rbs850
41 Netgear rbr840
42 Netgear rbs840
43 Netgear mr60
44 Netgear ms60
45 Netgear rax20
46 Netgear rax80
47 Netgear rax15
48 Netgear rax200
49 Netgear rax45
50 Netgear rax50
51 Netgear rax75
52 Netgear rax35v2
53 Netgear rax38v2
54 Netgear rax40v2
55 Netgear rax42
56 Netgear rax43
57 Netgear rax48
58 Netgear rax50s
59 Netgear raxe450
60 Netgear raxe500
61 Netgear cbr750
62 Netgear rbre960
63 Netgear rbse960
64 Netgear mr80
65 Netgear ms80
66 Netgear rs700_firmware
67 Netgear rs700
68 Netgear mr70_firmware
69 Netgear ms70_firmware
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 3.1 MEDIUM [email protected]
CVSS 4.0 MEDIUM a2826606-91e7-4eb6-899e-8484bd4575d5
CVSS 4.0 MEDIUM a2826606-91e7-4eb6-899e-8484bd4575d5
Solution
Harden device configurations to prevent unauthorized system tampering by administrators.
  • Review and enforce strict configuration management policies.
  • Restrict administrative access to critical system settings.
  • Implement least privilege for all administrative roles.
  • Monitor configuration changes for anomalies.
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2026-0418.

URL Resource
https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory
https://www.netgear.com/support/product/cbr750/
https://www.netgear.com/support/product/ex6120/
https://www.netgear.com/support/product/ex6130/
https://www.netgear.com/support/product/mr60/
https://www.netgear.com/support/product/mr70/
https://www.netgear.com/support/product/mr80/
https://www.netgear.com/support/product/ms60/
https://www.netgear.com/support/product/ms70/
https://www.netgear.com/support/product/ms80/
https://www.netgear.com/support/product/rax15/
https://www.netgear.com/support/product/rax20/
https://www.netgear.com/support/product/rax200/
https://www.netgear.com/support/product/rax35v2/
https://www.netgear.com/support/product/rax38v2/
https://www.netgear.com/support/product/rax40v2/
https://www.netgear.com/support/product/rax42/
https://www.netgear.com/support/product/rax43/
https://www.netgear.com/support/product/rax45/
https://www.netgear.com/support/product/rax48/
https://www.netgear.com/support/product/rax50/
https://www.netgear.com/support/product/rax50s/
https://www.netgear.com/support/product/rax75/
https://www.netgear.com/support/product/rax80/
https://www.netgear.com/support/product/raxe450/
https://www.netgear.com/support/product/raxe500/
https://www.netgear.com/support/product/rbr750/
https://www.netgear.com/support/product/rbr840/
https://www.netgear.com/support/product/rbr850/
https://www.netgear.com/support/product/rbre960/
https://www.netgear.com/support/product/rbs750/
https://www.netgear.com/support/product/rbs840/
https://www.netgear.com/support/product/rbs850/
https://www.netgear.com/support/product/rbse960/
https://www.netgear.com/support/product/rs700/
https://www.netgear.com/support/product/xr1000/
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2026-0418 is associated with the following CWEs:

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2026-0418 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2026-0418 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by a2826606-91e7-4eb6-899e-8484bd4575d5

    Jun. 10, 2026

    Action Type Old Value New Value
    Added Reference https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory
  • New CVE Received by a2826606-91e7-4eb6-899e-8484bd4575d5

    Jun. 09, 2026

    Action Type Old Value New Value
    Added Description Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network to tamper with the system.
    Added CVSS V4.0 AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:D/RE:L/U:Amber
    Added CWE CWE-15
    Added Reference https://www.netgear.com/support/product/cbr750/
    Added Reference https://www.netgear.com/support/product/ex6120/
    Added Reference https://www.netgear.com/support/product/ex6130/
    Added Reference https://www.netgear.com/support/product/mr60/
    Added Reference https://www.netgear.com/support/product/mr70/
    Added Reference https://www.netgear.com/support/product/mr80/
    Added Reference https://www.netgear.com/support/product/ms60/
    Added Reference https://www.netgear.com/support/product/ms70/
    Added Reference https://www.netgear.com/support/product/ms80/
    Added Reference https://www.netgear.com/support/product/rax15/
    Added Reference https://www.netgear.com/support/product/rax20/
    Added Reference https://www.netgear.com/support/product/rax200/
    Added Reference https://www.netgear.com/support/product/rax35v2/
    Added Reference https://www.netgear.com/support/product/rax38v2/
    Added Reference https://www.netgear.com/support/product/rax40v2/
    Added Reference https://www.netgear.com/support/product/rax42/
    Added Reference https://www.netgear.com/support/product/rax43/
    Added Reference https://www.netgear.com/support/product/rax45/
    Added Reference https://www.netgear.com/support/product/rax48/
    Added Reference https://www.netgear.com/support/product/rax50/
    Added Reference https://www.netgear.com/support/product/rax50s/
    Added Reference https://www.netgear.com/support/product/rax75/
    Added Reference https://www.netgear.com/support/product/rax80/
    Added Reference https://www.netgear.com/support/product/raxe450/
    Added Reference https://www.netgear.com/support/product/raxe500/
    Added Reference https://www.netgear.com/support/product/rbr750/
    Added Reference https://www.netgear.com/support/product/rbr840/
    Added Reference https://www.netgear.com/support/product/rbr850/
    Added Reference https://www.netgear.com/support/product/rbre960/
    Added Reference https://www.netgear.com/support/product/rbs750/
    Added Reference https://www.netgear.com/support/product/rbs840/
    Added Reference https://www.netgear.com/support/product/rbs850/
    Added Reference https://www.netgear.com/support/product/rbse960/
    Added Reference https://www.netgear.com/support/product/rs700/
    Added Reference https://www.netgear.com/support/product/xr1000/
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.