Back to overview

CVE-2026-62656

MEDIUM
5.4
CVSS 4.0
Description
A security flaw was found in certain NETGEAR RAX models that could allow a logged-in user to send specially crafted requests to the router and run unauthorized commands. This could enable the user to make unauthorized changes to the router and affect its security and operation.

Metadata

CVE ID
CVE-2026-62656
State
PUBLISHED
Assigner
NETGEAR
Reserved
2026-07-14 16:31 UTC
Published
2026-07-14 17:46 UTC
Last updated
2026-07-14 17:46 UTC
Primary CWE
CWE-20
CWE-20 Improper input validation
Vendor / Product
NETGEAR / RAXE450
Sources
cve.org  ·  NVD

Severity & Metrics

5.4 MEDIUM CVSS 4.0
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
Affected products (2)
VendorProductPlatformVersions
NETGEAR RAXE450 0 < V1.2.14.114
NETGEAR RAXE500 0 < V1.2.14.114
Weakness (CWE)
CWESourceDescription
CWE-20 cna CWE-20 Improper input validation
CVSS scores (1)
ScoreSeverityVersionSourceVector
5.4 MEDIUM 4.0 cna CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
Back to overview