CVE-2026-0419
Insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows users connected to the local WiFi Networks to execute operating system command...
Affects 0 products across 1 vendor.
Software does not validate or incorrectly validates input, allowing attackers to craft data processed in unintended ways.
The NETGEAR JR6150 AC750 WiFi router, released in 2014 and end-of-support since 2018, contains insufficient input validation that allows any user connected to the local WiFi network to execute arbitrary operating system commands on the device. No patch is available or planned by the vendor. In OT environments where this router may serve as network infrastructure connecting operational technology segments, successful exploitation could allow an attacker with local network access to pivot into ICS/OT networks, intercept industrial communications, or disrupt network connectivity for field devices.
| CVE ID | CVE-2026-0419 |
|---|---|
| Published | 2026-06-09 |
| Last Modified | 2026-06-09 |
| ICS Relevance | 85% |
| Weakness (CWE) | |
| Source | NVD |
Insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018, and no further security updates are planned. NETGEAR strongly recommends replacing these devices with newer NETGEAR models to ensure continued security support and updates. This vulnerability has been identified through firmware emulation in a controlled research environment and has not been verified on production hardware.
Source: NIST NVD / MITRE CVE Database
| Vendor | Product | Fixed Version |
|---|---|---|
| Netgear | — | — |
No patch is available. NETGEAR has formally reached End-of-Support for the JR6150 as of 2018 and explicitly states no further security updates are planned. Vendor recommendation is hardware replacement with a currently supported NETGEAR model.
| CISA KEV | Not in KEV catalog |
|---|---|
| Public Exploit | Not confirmed |
| PoC Code | Not confirmed |
Deploy IDS/IPS rules at the network perimeter and on any switch or firewall separating the WiFi segment from OT/ICS zones. Block or alert on HTTP POST requests to the router's management interface containing shell metacharacters (semicolons, pipes, backticks, dollar-sign-parenthesis) combined with common OS command strings. Restrict access to the router's web management interface (typically port 80/443) to a dedicated, isolated management VLAN only. Block all direct WiFi client-to-router management access at the access layer.
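The alerting logic described above, sketched in Python as an added example (not from the advisory or the vendor): it flags POST form fields sent to a management IP whose decoded value contains both a shell metacharacter and an OS command word. The path, IP address, field names and command word list are constructed placeholders; the advisory names no endpoint or parameter.

```python
import re
from urllib.parse import unquote_plus

# Metacharacters named in the guidance: semicolon, pipe, backtick, $(
METACHARS = re.compile(r"[;|`]|\$\(")
# Assumed sample of "common OS command strings"; tune the list per site.
COMMANDS = re.compile(r"\b(?:wget|curl|tftp|telnetd|nc|sh|cat|rm|reboot)\b")

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input is still seen."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_fields(raw_request, dst_ip, mgmt_ips):
    """Return form-field names in a POST to a management IP that carry
    a shell metacharacter together with an OS command word."""
    if dst_ip not in mgmt_ips:
        return []
    head, _, body = raw_request.partition("\r\n\r\n")
    request_line = head.split("\r\n", 1)[0].split()
    if len(request_line) < 2 or request_line[0].upper() != "POST":
        return []
    hits = []
    for pair in filter(None, body.split("&")):
        name, _, value = pair.partition("=")
        value = fully_decode(value)
        if METACHARS.search(value) and COMMANDS.search(value):
            hits.append(fully_decode(name))
    return hits

# Constructed sample traffic; path, host and field names are placeholders.
MGMT_IPS = {"192.168.1.1"}

def sample(method, body):
    return (f"{method} /example-form HTTP/1.1\r\nHost: 192.168.1.1\r\n"
            "Content-Type: application/x-www-form-urlencoded\r\n\r\n" + body)

INJECTED = sample("POST", "device_name=ap1%3Breboot")
DOUBLE_ENCODED = sample("POST", "device_name=ap1%253Breboot")
BENIGN = sample("POST", "ssid=Plant%3BFloor%7C2&note=sh+cat+ok")

if __name__ == "__main__":
    for label, req in [("injected", INJECTED), ("double", DOUBLE_ENCODED), ("benign", BENIGN)]:
        print(label, suspicious_fields(req, "192.168.1.1", MGMT_IPS))
```

This is a heuristic: it misses payloads outside the word list and can flag legitimate values, so treat hits as alerts to triage rather than as a signature.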
No reliable network detection signature exists for this vulnerability class — apply the compensating controls above and the vendor patch. SAGE only publishes a network rule when a concrete on-the-wire signature can be grounded in the advisory.
Virtual patch generated by CITED Relevance SAGE. Validate in isolated environment before production deployment. Compensating control only - does not replace vendor patch.