CVE-2026-9211 MEDIUM

CVE-2026-9211: Certain NETGEAR routers allow unauthenticated users to gain control of the router

Vendor Netgear

Product CAX30

Weakness CWE-20 · Input validation

Published June 9, 2026

Last update June 10, 2026

View on NVD All CVEs

CVSS base score

5.2/10

Attack vector Adjacent

Attack complexity Low

Privileges required None

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber

What the vulnerability does

01Description

An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.

Key dates

02Disclosure timeline

June 9, 2026 CVE published

June 10, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-9211 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

Identifiers

CVE CVE-2026-9211

CWE CWE-20

CVSS 5.2 / MEDIUM

Affected versions

Vendor Netgear

Product CAX30

Affected < V2.2.1.4

Vendor Netgear

Product RAX30

Affected < V1.0.10.94

Vendor Netgear

Product RAX5

Affected < V1.0.5.34

Vendor Netgear

Product RAXE300

Affected < V1.0.10.72

CVE-2026-9211: Certain NETGEAR routers allow unauthenticated users to gain control of the router

01Description

02Disclosure timeline

03References

04Related CVE