An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| netgear | rbe971_firmware | 9.10.0.2 | - |
| netgear | rbe970_firmware | 9.10.0.2 | - |
| netgear | rbr750_firmware |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
10
Affected Products
11
References
netgear / rbe971_firmware
| 7.2.8.5 |
| - |
| netgear | rbr850_firmware | 7.2.8.5 | - |
| netgear | rbr860_firmware | 7.2.8.5 | - |
| netgear | rbs750_firmware | 7.2.8.5 | - |
| netgear | rbs850_firmware | 7.2.8.5 | - |
| netgear | rbs860_firmware | 7.2.8.5 | - |
| netgear | rbre960_firmware | 7.2.8.5 | - |
| netgear | rbse960_firmware | 7.2.8.5 | - |
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability
Impact