Description
A security flaw was discovered in certain NETGEAR Nighthawk RAX series routers
that could allow someone already logged in to the device to run unauthorized commands
or code on the router.
Published: 2026-07-14
Score: 4.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

Vendor Solution

Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in: ProductFixed VersionRAX43 (EoS) Nighthawk AX5 5-Stream AX4200 WiFi Router V1.0.17.142 https://www.netgear.com/support/product/rax43/ RAX45 (EoS) Nighthawk AX6 6-Stream AX4300 WiFi Router V1.0.17.142 https://www.netgear.com/support/product/rax45/ RAX50 Nighthawk AX6 6-Stream AX5400 WiFi 6 Router V1.0.17.142 https://www.netgear.com/support/product/rax50/ RAX54S Nighthawk AX6 6-Stream AX5400 WiFi Router V1.0.17.142 https://www.netgear.com/support/product/rax54s/ RAX54Sv2 Nighthawk AX6 6-Stream AX5400 WiFi Router V1.1.6.36 https://www.netgear.com/support/product/rax54sv2/ Models marked (EoS) have reached End-of-Support phase, and no security updates are planned. NETGEAR strongly recommends that you retire these devices and upgrade to a newer NETGEAR device for continued security support.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 15 Jul 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 15 Jul 2026 17:30:00 +0000

Type Values Removed Values Added
References

Tue, 14 Jul 2026 18:15:00 +0000

Type Values Removed Values Added
Description A security flaw was discovered in certain NETGEAR Nighthawk RAX series routers that could allow someone already logged in to the device to run unauthorized commands or code on the router.
Title Post-authentication Command Injection Vulnerability in certain Nighthawk RAX series models
Weaknesses CWE-20
References
Metrics cvssV4_0

{'score': 4.7, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P'}


Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: NETGEAR

Published:

Updated: 2026-07-15T17:01:41.135Z

Reserved: 2026-07-14T16:31:02.509Z

Link: CVE-2026-62658

cve-icon Vulnrichment

Updated: 2026-07-15T14:48:40.966Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses