CVE-2026-9211

MEDIUM EPSS 14.2%

Published Jun 9, 20262w ago · Modified Jun 18, 20261w ago

5.2 CVSS 4.0

Medium

Published Jun 9, 2026 2w ago

Last Modified Jun 18, 2026 1w ago

Description

An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.

CVSS Details

Base Score

5.2

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber

Attack Vector Adjacent

Attack Complexity Low

Privileges Required None

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

14.2% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 8

Vendor	Product	Version	Range
netgear	cax30_firmware	*	<2.2.1.4
netgear	cax30	*	any
netgear	rax30_firmware	*	<1.0.10.94
netgear	rax30	*	any
netgear	rax5_firmware	*	<1.0.5.34
netgear	rax5	*	any
netgear	raxe300_firmware	*	<1.0.10.72
netgear	raxe300	*	any

References 5

kb.netgear.com https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory

Vendor Advisory
netgear.com https://www.netgear.com/support/product/cax30/

Product
netgear.com https://www.netgear.com/support/product/rax30/

Product
netgear.com https://www.netgear.com/support/product/rax5/

Product
netgear.com https://www.netgear.com/support/product/raxe300/

Product

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.