TLS Certificate Validation Flaw in NETGEAR ReadyCloud Client App
CVE-2026-0420

4.6MEDIUM

Key Information:

Vendor

Netgear

Status
Vendor
CVE Published:
9 June 2026

What is CVE-2026-0420?

The NETGEAR ReadyCloud client app contains a vulnerability resulting from improper implementation of TLS certificate validation. This security flaw can enable attackers to execute man-in-the-middle (MiTM) attacks, jeopardizing the confidentiality of user data. Affected NETGEAR products include various models that may expose sensitive information to malicious actors due to this oversight in the app's design. Users are encouraged to apply patches and updates provided by NETGEAR to mitigate the risks associated with this vulnerability.

Affected Version(s)

RAX120v1 0

RAX120v2 0

RAX35 0

References

CVSS V4

Score:
4.6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

talsonor
.