Sign-up

ID

VAR-202606-3571


CVE

CVE-2026-0419


DESCRIPTION

Insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows users connected to the local WiFi Networks to execute operating system commands.Ā NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are planned. NETGEARĀ strongly recommends replacing these devices with newer NETGEAR models to ensure continued security support and updates. This vulnerability has been identified through firmware emulation in a controlled research environment and has not been verified on production hardware.

Trust: 1.0

sources: NVD: CVE-2026-0419

AFFECTED PRODUCTS

vendor:netgearmodel:jr6150scope:eqversion: -

Trust: 1.0

sources: NVD: CVE-2026-0419

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2026-0419
value: HIGH

Trust: 1.0

a2826606-91e7-4eb6-899e-8484bd4575d5: CVE-2026-0419
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2026-0419
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.1
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2026-0419 // NVD: CVE-2026-0419

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.0

sources: NVD: CVE-2026-0419

EXTERNAL IDS

db:NVDid:CVE-2026-0419

Trust: 1.0

sources: NVD: CVE-2026-0419

REFERENCES

url:https://kb.netgear.com/000070811/june-2026-netgear-security-advisory

Trust: 1.0

url:https://www.netgear.com/support/product/jr6150

Trust: 1.0

sources: NVD: CVE-2026-0419

SOURCES

db:NVDid:CVE-2026-0419

LAST UPDATE DATE

2026-06-19T23:02:08.154000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2026-0419date:2026-06-18T17:09:54.123

SOURCES RELEASE DATE

db:NVDid:CVE-2026-0419date:2026-06-09T17:17:00