CVE-2026-3088

MEDIUM EPSS 27.6%
Published Jun 9, 20262w ago · Modified Jun 18, 20261w ago
4.9 CVSS 4.0
Medium
Find Similar
Published Jun 9, 2026 2w ago
Last Modified Jun 18, 2026 1w ago

Description

Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests.

CVSS Details

Base Score
4.9
Exploitability
Impact
Vector string
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber
Attack Vector Adjacent
Attack Complexity Low
Privileges Required None
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
27.6% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-787 Out-of-bounds Write Memory Safety

Affected Products 16

VendorProductVersionRange
netgearrbe970_firmware* <9.10.1.4
netgearrbe970*any
netgearrbe971_firmware* <9.10.1.4
netgearrbe971*any
netgearrbr860_firmware* <7.2.7.15
netgearrbr860*any
netgearrbre950_firmware* <7.2.7.15
netgearrbre950*any
netgearrbre960_firmware* <7.2.7.15
netgearrbre960*any
netgearrbs860_firmware* <7.2.7.15
netgearrbs860*any
netgearrbse950_firmware* <7.2.7.15
netgearrbse950*any
netgearrbse960_firmware* <7.2.7.15
netgearrbse960*any

References 7

  • kb.netgear.com https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory
    Vendor Advisory
  • netgear.com https://www.netgear.com/support/product/rbr860/
    Product
  • netgear.com https://www.netgear.com/support/product/rbre950/
    Product
  • netgear.com https://www.netgear.com/support/product/rbre960/
    Product
  • netgear.com https://www.netgear.com/support/product/rbs860/
    Product
  • netgear.com https://www.netgear.com/support/product/rbse950/
    Product
  • netgear.com https://www.netgear.com/support/product/rbse960/
    Product

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.