Sign-up

ID

VAR-202601-1875


CVE

CVE-2026-0403


TITLE

of netgear RBE970 FIRMWARE Vulnerabilities related to input confirmation in multiple products such as

Trust: 0.8

sources: JVNDB: JVNDB-2026-004593

DESCRIPTION

An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2026-0403 // JVNDB: JVNDB-2026-004593

AFFECTED PRODUCTS

vendor:netgearmodel:rbr750scope:ltversion:7.2.8.5

Trust: 1.0

vendor:netgearmodel:rbs850scope:ltversion:7.2.8.5

Trust: 1.0

vendor:netgearmodel:rbr860scope:ltversion:7.2.8.5

Trust: 1.0

vendor:netgearmodel:rbse960scope:ltversion:7.2.8.5

Trust: 1.0

vendor:netgearmodel:rbe971scope:ltversion:9.10.0.2

Trust: 1.0

vendor:netgearmodel:rbs860scope:ltversion:7.2.8.5

Trust: 1.0

vendor:netgearmodel:rbs750scope:ltversion:7.2.8.5

Trust: 1.0

vendor:netgearmodel:rbe970scope:ltversion:9.10.0.2

Trust: 1.0

vendor:netgearmodel:rbr850scope:ltversion:7.2.8.5

Trust: 1.0

vendor:netgearmodel:rbre960scope:ltversion:7.2.8.5

Trust: 1.0

vendor:ネットギアmodel:rbre960scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:rbe970scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:rbe971scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:rbr750scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:rbse960scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:rbs850scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:rbr850scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:rbs860scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:rbr860scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:rbs750scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2026-004593 // NVD: CVE-2026-0403

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2026-0403
value: HIGH

Trust: 1.0

a2826606-91e7-4eb6-899e-8484bd4575d5: CVE-2026-0403
value: LOW

Trust: 1.0

NVD: CVE-2026-0403
value: HIGH

Trust: 0.8

nvd@nist.gov: CVE-2026-0403
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.1
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2026-0403
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2026-004593 // NVD: CVE-2026-0403 // NVD: CVE-2026-0403

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.0

problemtype:Inappropriate input confirmation (CWE-20) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2026-004593 // NVD: CVE-2026-0403

PATCH

title:January 2026 NETGEAR Security Advisory - NETGEAR Supporturl:https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory

Trust: 0.8

sources: JVNDB: JVNDB-2026-004593

EXTERNAL IDS

db:NVDid:CVE-2026-0403

Trust: 2.6

db:JVNDBid:JVNDB-2026-004593

Trust: 0.8

sources: JVNDB: JVNDB-2026-004593 // NVD: CVE-2026-0403

REFERENCES

url:https://www.netgear.com/support/product/rbs860

Trust: 1.8

url:https://www.netgear.com/support/product/rbs850

Trust: 1.8

url:https://www.netgear.com/support/product/rbe971

Trust: 1.8

url:https://www.netgear.com/support/product/rbr860

Trust: 1.8

url:https://www.netgear.com/support/product/rbr750

Trust: 1.8

url:https://www.netgear.com/support/product/rbr850

Trust: 1.8

url:https://www.netgear.com/support/product/rbse960

Trust: 1.8

url:https://www.netgear.com/support/product/rbe970

Trust: 1.8

url:https://www.netgear.com/support/product/rbre960

Trust: 1.8

url:https://www.netgear.com/support/product/rbs750

Trust: 1.8

url:https://kb.netgear.com/000070442/january-2026-netgear-security-advisory

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2026-0403

Trust: 0.8

sources: JVNDB: JVNDB-2026-004593 // NVD: CVE-2026-0403

SOURCES

db:JVNDBid:JVNDB-2026-004593
db:NVDid:CVE-2026-0403

LAST UPDATE DATE

2026-02-25T23:13:54.570000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2026-004593date:2026-02-24T07:42:00
db:NVDid:CVE-2026-0403date:2026-02-20T19:38:39.640

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2026-004593date:2026-02-24T00:00:00
db:NVDid:CVE-2026-0403date:2026-01-13T16:16:10.150