Description
A security flaw in the router's certificate validation process was
discovered in the NETGEAR XR1000 Gaming Router and certain Nighthawk models that could allow an unauthorized person to remotely access and take
control of the device.
Published: 2026-07-14
Score: 4.9 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

Vendor Solution

Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in: ProductFixed VersionMR70 Nighthawk Mesh WiFi 6 Router V1.0.4.48 https://www.netgear.com/support/product/mr70/ MS70 Nighthawk Mesh WiFi 6 Add-on Satellite V1.0.4.48 https://www.netgear.com/support/product/ms70/ RAXE500 Nighthawk AX12 12-Stream AXE11000 Tri-Band WiFi 6E Router V1.2.14.114 https://www.netgear.com/support/product/raxe500/ XR1000 Nighthawk WiFi 6 Pro Gaming Router V1.0.2.86 https://www.netgear.com/support/product/xr1000/

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 14 Jul 2026 18:15:00 +0000

Type Values Removed Values Added
Description A security flaw in the router's certificate validation process was discovered in the NETGEAR XR1000 Gaming Router and certain Nighthawk models that could allow an unauthorized person to remotely access and take control of the device.
Title Certificate validation vulnerability in NETGEAR Gaming Router and certain Nighthawk models
Weaknesses CWE-599
References
Metrics cvssV4_0

{'score': 4.9, 'vector': 'CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber'}


Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: NETGEAR

Published:

Updated: 2026-07-14T17:46:13.757Z

Reserved: 2026-07-14T16:31:02.508Z

Link: CVE-2026-62657

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses