Insufficient input validation in certain NETGEAR routers
CVE-2026-9213

6.9MEDIUM

Key Information:

Vendor: Netgear
Status: Mr70; Ms70; Raxe500; Xr1000
Vendor: CVE Published:; 9 June 2026

What is CVE-2026-9213?

A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper traffic between the router and the Internet, to execute code on the device.

Affected Version(s)

MR70 0

MS70 0

RAXE500 0

References

https://www.netgear.com/support/product/mr70/

productpatch

https://www.netgear.com/support/product/ms70/

productpatch

https://www.netgear.com/support/product/raxe500/

productpatch

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2026
Vulnerability Reserved
May 21, 2026

Credit

fluorescent

CVE-2026-9213 Data

JSON

Netgear

What is CVE-2026-9213?

Affected Version(s)

References

CVSS V4

Timeline

Credit