CVE-2026-0404

EUVD-2026-2224
An insufficient input validation vulnerability in NETGEAR Orbi devices' 
DHCPv6 functionality allows network adjacent attackers authenticated 
over WiFi or on LAN to execute OS command injections on the router. 
DHCPv6 is not enabled by default.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8 HIGH
ADJACENT_NETWORK
LOW
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Affected Products (NVD)
VendorProductVersion
netgearrbr750_firmware
𝑥
< 7.2.8.5
netgearrbr840_firmware
𝑥
< 7.2.8.5
netgearrbr850_firmware
𝑥
< 7.2.8.5
netgearrbr860_firmware
𝑥
< 7.2.8.5
netgearrbs750_firmware
𝑥
< 7.2.8.5
netgearrbs840_firmware
𝑥
< 7.2.8.5
netgearrbs850_firmware
𝑥
< 7.2.8.5
netgearrbs860_firmware
𝑥
< 7.2.8.5
netgearrbre950_firmware
𝑥
< 7.2.8.5
netgearrbre960_firmware
𝑥
< 7.2.8.5
netgearrbse950_firmware
𝑥
< 7.2.8.5
netgearrbse960_firmware
𝑥
< 7.2.8.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory
https://www.netgear.com/support/product/rbr750
https://www.netgear.com/support/product/rbr840
https://www.netgear.com/support/product/rbr850
https://www.netgear.com/support/product/rbr860
https://www.netgear.com/support/product/rbre950
https://www.netgear.com/support/product/rbre960
https://www.netgear.com/support/product/rbs750
https://www.netgear.com/support/product/rbs840
https://www.netgear.com/support/product/rbs850
https://www.netgear.com/support/product/rbs860
https://www.netgear.com/support/product/rbse950
https://www.netgear.com/support/product/rbse960