CVE-2026-62656
MEDIUM
5.4
CVSS 4.0
Description
A
security flaw was found in certain NETGEAR RAX models that could allow
a logged-in user to send specially crafted requests to the router and run
unauthorized commands. This could enable the user to make unauthorized changes
to the router and affect its security and operation.
Metadata
Severity & Metrics
5.4
MEDIUM CVSS 4.0
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
Affected products (2)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| NETGEAR | RAXE450 | — | 0 < V1.2.14.114 |
| NETGEAR | RAXE500 | — | 0 < V1.2.14.114 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-20 | cna | CWE-20 Improper input validation |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 5.4 | MEDIUM | 4.0 | cna | CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P |
References (2)