RAX5
by Netgear
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-9211 | Med | 0.34 | — | 0.00 | Jun 9, 2026 | An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation. | ||
| CVE-2024-57229 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. | |||
| CVE-2024-57232 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. | |||
| CVE-2024-57235 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. | |||
| CVE-2024-57233 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. | |||
| CVE-2024-57234 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. | |||
| CVE-2024-57231 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. | |||
| CVE-2024-57230 | 0.01 | — | 0.01 | May 5, 2025 | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. | |||
| CVE-2025-12946 | 0.00 | — | 0.00 | Dec 9, 2025 | A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are… |
- risk 0.34cvss —epss 0.00
An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.
- CVE-2024-57229May 5, 2025risk 0.01cvss —epss 0.01
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.
- CVE-2024-57232May 5, 2025risk 0.01cvss —epss 0.01
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.
- CVE-2024-57235May 5, 2025risk 0.01cvss —epss 0.01
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function.
- CVE-2024-57233May 5, 2025risk 0.01cvss —epss 0.01
NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.
- CVE-2024-57234May 5, 2025risk 0.01cvss —epss 0.01
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.
- CVE-2024-57231May 5, 2025risk 0.01cvss —epss 0.01
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
- CVE-2024-57230May 5, 2025risk 0.01cvss —epss 0.01
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.
- CVE-2025-12946Dec 9, 2025risk 0.00cvss —epss 0.00
A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are…