Description
A security flaw in the router's certificate validation process was
discovered in the NETGEAR XR1000 Gaming Router and certain Nighthawk models that could allow an unauthorized person to remotely access and take
control of the device.
Published: 2026-07-14
Score: 4.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

Vendor Solution

Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in: ProductFixed VersionMR70 Nighthawk Mesh WiFi 6 Router V1.0.4.48 https://www.netgear.com/support/product/mr70/ MS70 Nighthawk Mesh WiFi 6 Add-on Satellite V1.0.4.48 https://www.netgear.com/support/product/ms70/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.2.14.114 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.0.2.86 https://www.netgear.com/support/product/xr1000/

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 15 Jul 2026 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Netgear
Netgear mr70
Netgear ms70
Netgear raxe500
Netgear xr1000
Vendors & Products Netgear
Netgear mr70
Netgear ms70
Netgear raxe500
Netgear xr1000
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 15 Jul 2026 17:30:00 +0000

Type Values Removed Values Added
References

Tue, 14 Jul 2026 18:15:00 +0000

Type Values Removed Values Added
Description A security flaw in the router's certificate validation process was discovered in the NETGEAR XR1000 Gaming Router and certain Nighthawk models that could allow an unauthorized person to remotely access and take control of the device.
Title Certificate validation vulnerability in NETGEAR Gaming Router and certain Nighthawk models
Weaknesses CWE-599
References
Metrics cvssV4_0

{'score': 4.9, 'vector': 'CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber'}


cve-icon MITRE

Status: PUBLISHED

Assigner: NETGEAR

Published:

Updated: 2026-07-15T16:56:03.166Z

Reserved: 2026-07-14T16:31:02.508Z

Link: CVE-2026-62657

cve-icon Vulnrichment

Updated: 2026-07-15T14:47:42.789Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-15T18:15:03Z

Weaknesses