CVE-2026-3088— Unauthenticated users can disrupt router operation

AI Predicted 5.3 Difficulty: Easy EPSS 0.36% · P28 Updated Jun 13, 2026

Possible ATT&CK Techniques 1AI

Affected Version Matrix 8

Vendor	Product	Version Range	Status
NETGEAR	RBE970	`V6.3.7.10< V9.10.1.4`	affected
NETGEAR	RBE971	`V6.3.7.10< V9.10.1.4`	affected
NETGEAR	RBR860	`V6.3.7.10< V7.2.7.15`	affected
NETGEAR	RBRE950	`< v7.2.7.15`	affected
NETGEAR	RBRE960	`V6.3.7.10< V7.2.7.15`	affected
NETGEAR	RBS860	`< V7.2.7.15`	affected
NETGEAR	RBSE950	`< v7.2.7.15`	affected
NETGEAR	RBSE960	`< V7.2.7.15`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-3088

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Unauthenticated users can disrupt router operation

Source: NVD (National Vulnerability Database)

Vulnerability Description

Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

跨界内存写

Source: NVD (National Vulnerability Database)

Vulnerability Title

NETGEAR Routers 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

NETGEAR Routers是美国网件（NETGEAR）公司的一系列路由器。 NETGEAR Routers存在缓冲区错误漏洞，该漏洞源于未经身份验证的本地网络用户发送特制请求，可能导致路由器不可用。以下产品受到影响：RBR860、RBRE950、RBRE960、RBRE970等。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
NETGEAR	RBR860	V6.3.7.10 ~ V7.2.7.15	-
NETGEAR	RBRE950	0 ~ v7.2.7.15	-
NETGEAR	RBRE960	V6.3.7.10 ~ V7.2.7.15	-
NETGEAR	RBE970	V6.3.7.10 ~ V9.10.1.4	-
NETGEAR	RBE971	V6.3.7.10 ~ V9.10.1.4	-
NETGEAR	RBS860	0 ~ V7.2.7.15	-
NETGEAR	RBSE950	0 ~ v7.2.7.15	-
NETGEAR	RBSE960	0 ~ V7.2.7.15	-

II. Public POCs for CVE-2026-3088

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-3088

请登录查看更多情报信息。

Vendor Pages for CVE-2026-3088 (6)

🔗 RBR860 | Orbi Tri-band Mesh WiFi 6 Router – 860 Seriesproductpatch
🔗 RBS860 | Orbi Tri-band Mesh WiFi 6 Add-on Satellite – 860 Seriesproductpatch
🔗 RBSE960 | Orbi Quad-band Mesh WiFi 6E Add-on Satelliteproductpatch
🔗 RBRE960 | Orbi Quad-band Mesh WiFi 6E Routerproductpatch
🔗 RBRE950 | Orbi Quad-band Mesh WiFi 6E Routerproductpatch
🔗 RBSE950 | Orbi Quad-band Mesh WiFi 6E Add-on Satelliteproductpatch

https://nvd.nist.gov/vuln/detail/CVE-2026-3088

Same Patch Batch · NETGEAR · 2026-06-09 · 17 CVEs total

CVE-2026-0412		Insufficient input validation vulnerability in NETGEAR JR6150 Web UI
CVE-2026-0414		Insufficient Input Validation Allows Unauthorized Modification of Router Software in certa
CVE-2026-0420		Missing TLS certificate validation in NETGEAR's ReadyCloud client app
CVE-2026-0415		Insufficient input validation vulnerability in certain Orbi routers
CVE-2026-0417		Insufficient input validation in certain NETGEAR routers
CVE-2026-0418		Certain NETGEAR devices allow administrators to tamper with system
CVE-2026-0416		Improper input validation in certain NETGEAR routers allows unauthorized modification of p
CVE-2026-0410		Insufficient input validation in certain NETGEAR routers
CVE-2026-0409		Netgear Orbi 370 Series Remote Code Execution vulnerability
CVE-2026-0411		A Sensitive Information Disclosure Vulnerability in NETGEAR Orbi Satellites
CVE-2026-0419		Insufficient input validation vulnerability in NETGEAR JR6150
CVE-2026-0413		Buffer overflow vulnerability in certain NETGEAR Nighthawk routers
CVE-2026-9210		Certain NETGEAR routers allow authenticated administrators to gain unintended control of t
CVE-2026-9213		Insufficient input validation in certain NETGEAR routers
CVE-2026-9211		Certain NETGEAR routers allow unauthenticated users to gain control of the router
CVE-2026-9212		Insufficient authentication and input validation in certain NETGEAR products

IV. Related Vulnerabilities

Same vendor: NETGEAR

Same weakness: CWE-787

V. Comments for CVE-2026-3088

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-3088— Unauthenticated users can disrupt router operation

Possible ATT&CK Techniques 1AI

Affected Version Matrix 8

I. Basic Information for CVE-2026-3088

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-3088

III. Intelligence Information for CVE-2026-3088

Vendor Pages for CVE-2026-3088 (6)

Same Patch Batch · NETGEAR · 2026-06-09 · 17 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-3088

Leave a comment