Insufficient Input Validation in NETGEAR JR6150 Router
CVE-2026-0412

4.3MEDIUM

Key Information:

Vendor

Netgear

Status
Vendor
CVE Published:
9 June 2026

What is CVE-2026-0412?

An insufficient input validation flaw exists in the NETGEAR JR6150 router, first released in 2014. This vulnerability permits local network administrators to make unauthorized changes to the router's software and functionalities. As the NETGEAR JR6150 has reached End-of-Support status as of 2018, it no longer receives security updates, which raises significant security concerns for users. NETGEAR strongly advises upgrading to newer router models to maintain crucial security support and updates, ensuring ongoing protection against potential exploits.

Affected Version(s)

JR6150 0

References

CVSS V4

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Security Research Center (SRC) @ Concordia University
.