CVE-2026-0412
Insufficient input validation vulnerability in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows administrators connected to the local network to make unauthoriz...
Affects 0 products across 1 vendor.
Software does not validate or incorrectly validates input, allowing attackers to craft data processed in unintended ways.
The NETGEAR JR6150 AC750 WiFi Router contains an insufficient input validation vulnerability that allows authenticated local network administrators to make unauthorized modifications to router software and functionality. An attacker with local network access and administrative credentials could alter firmware or configuration in ways that compromise network integrity, potentially enabling lateral movement into connected OT environments. This device reached End-of-Support in 2018 and will receive no patch, making remediation dependent entirely on device replacement or compensating controls.
Is this CVE in your environment?
BreachSpider monitors your ICS/OT environment for vulnerabilities like this one. No agents or network access required. Free to start.
Check My Environment →What is CVE-2026-0412?
Is CVE-2026-0412 actively exploited?
How do I remediate CVE-2026-0412?
What systems are affected by CVE-2026-0412?
| CVE ID | CVE-2026-0412 |
|---|---|
| Published | 2026-06-09 |
| Last Modified | 2026-06-09 |
| ICS Relevance | 85% |
| Weakness (CWE) | |
| Source | NVD |
Insufficient input validation vulnerability in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in 2018 and is no longer receiving security updates. NETGEAR strongly recommends replacing these devices with newer NETGEAR models to ensure continued security support and updates. This vulnerability has been identified through firmware emulation in a controlled research environment and has not been verified on production hardware.
Source: NIST NVD / MITRE CVE Database
| Vendor | Product | Fixed Version |
|---|---|---|
| Netgear | — | — |
No patch available. NETGEAR End-of-Support since 2018. Vendor recommends hardware replacement only.
View Vendor Advisory →| CISA KEV | Not in KEV catalog |
|---|---|
| Public Exploit | Not confirmed |
| PoC Code | Not confirmed |
Deploy rules at the perimeter firewall and any internal network segmentation device (e.g., industrial DMZ switch or next-gen firewall) to block all inbound HTTP/HTTPS access to the JR6150 management interface (typically port 80/443) from any source other than a dedicated, audited management workstation IP. Additionally, block all traffic from the JR6150's LAN segment to OT/ICS subnets at the Layer 3 boundary until the device is replaced.
No reliable network detection signature exists for this vulnerability class — apply the compensating controls above and the vendor patch. SAGE only publishes a network rule when a concrete on-the-wire signature can be grounded in the advisory.
Virtual patch generated by CITED Relevance SAGE. Validate in isolated environment before production deployment. Compensating control only - does not replace vendor patch.
ICS/OT Vulnerability Intelligence for Your Environment
BreachSpider monitors 353,228 CVEs across ICS/OT vendors. SAGE-enriched alerts with virtual patches, NERC-CIP mapping, and PSIRT contacts delivered to your SIEM in minutes.
Join free →