Unrated severityNVD Advisory· Published Jan 13, 2026· Updated Feb 26, 2026

Insufficient input validation in NETGEAR Orbi routers

CVE-2026-0403

Description

An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections.

Affected products

Netgear/Orbillm-fuzzy
NETGEAR/RBE970v5
Range: 0
NETGEAR/RBE971v5
Range: 0
NETGEAR/RBR750v5
Range: 0
NETGEAR/RBR850v5
Range: 0
NETGEAR/RBR860v5
Range: 0
NETGEAR/RBRE960v5
Range: 0
NETGEAR/RBS750v5
Range: 0
NETGEAR/RBS850v5
Range: 0
NETGEAR/RBS860v5
Range: 0
NETGEAR/RBSE960v5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.netgear.com/support/product/rbe970mitreproductpatch
www.netgear.com/support/product/rbe971mitreproductpatch
www.netgear.com/support/product/rbr750mitreproductpatch
www.netgear.com/support/product/rbr850mitreproductpatch
www.netgear.com/support/product/rbr860mitreproductpatch
www.netgear.com/support/product/rbre960mitreproductpatch
www.netgear.com/support/product/rbs750mitrepatchproduct
www.netgear.com/support/product/rbs850mitreproductpatch
www.netgear.com/support/product/rbs860mitreproductpatch
www.netgear.com/support/product/rbse960mitreproductpatch
kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisorymitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000