CVE-2026-0416

An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router...

EUVD-2026-35457

Authenticated administrators connected to the local network can modify router functionality beyond what is intended through the standard management interface...

CVE-2026-9210 Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

Authentication flaw

The Web CGI Script on ZyXEL LTE4506-M606 V1.00ABDO.2C0 devices does not require authentication, which allows remote unauthenticated attackers via crafted JSON action data to /cgi-bin/gui.cgi to use all features provided by the router. Examples: change the router password, retrieve the Wi-Fi...

ZyXEL LTE4506-M606 访问控制错误漏洞

The ZyXEL LTE4506-M606 is a router from China ZyXEL. It provides network connectivity. A security vulnerability exists in the ZyXEL LTE4506-M606 V1.00ABDO.2C0, which originates from a Web CGI script that does not require authentication, and can be exploited by an attacker to use all features...