A security flaw was found in certain NETGEAR RAX models that could allow a logged-in user to send specially crafted requests to the router and run unauthorized commands. This could enable the user to make unauthorized changes to the router and affect its security and operation.
History

Tue, 14 Jul 2026 18:15:00 +0000

Type Values Removed Values Added
Description A security flaw was found in certain NETGEAR RAX models that could allow a logged-in user to send specially crafted requests to the router and run unauthorized commands. This could enable the user to make unauthorized changes to the router and affect its security and operation.
Title Post-authenticated command injection vulnerability found in certain NETGEAR RAX models
Weaknesses CWE-20
References
Metrics cvssV4_0

{'score': 5.4, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: NETGEAR

Published:

Updated: 2026-07-14T17:46:15.194Z

Reserved: 2026-07-14T16:31:02.508Z

Link: CVE-2026-62656

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.