PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-9211 NETGEAR CVE debrief

CVE-2026-9211 is a medium-severity vulnerability (CVSS Score: 5.2) that allows an unauthenticated user on the local network to gain control of the router and make unauthorized changes to its operation. The vulnerability was published on 2026-06-09T17:17:51.380Z and last modified on 2026-06-10T19:16:39.107Z. The affected vendor is currently listed as Unknown Vendor, but evidence suggests it may be Netgear. The CVE record and NVD detail can be found at [cve-org](https://www.cve.org/CVERecord?id=CVE-2026-9211) and [nvd](https://nvd.nist.gov/vuln/detail/CVE-2026-9211), respectively.

Vendor
NETGEAR
Product
CAX30
CVSS
MEDIUM 5.2
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-09
Original CVE updated
2026-06-10
Advisory published
2026-06-09
Advisory updated
2026-06-10

Who should care

Administrators and users of potentially affected Netgear router products, such as CAX30, RAX30, RAX5, and RAXE300, should review the vulnerability details and apply patches or mitigations as recommended by the vendor.

Technical summary

The vulnerability has a CVSS vector of CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber. It is classified under CWE-20.

Defensive priority

Medium

Recommended defensive actions

  • Review the CVE record at [cve-org] and NVD detail at [nvd] for the latest information.
  • Check the Netgear support pages at [ref-5], [ref-6], [ref-7], and [ref-8] for potential patches or mitigations.
  • Consult the Netgear security advisory at [ref-4] for guidance on addressing the vulnerability.

Evidence notes

The vendor is currently listed as Unknown Vendor, but evidence suggests it may be Netgear.

Official resources

CVE-2026-9211 was published on 2026-06-09T17:17:51.380Z and last modified on 2026-06-10T19:16:39.107Z.