1,326 CVEs

8 in CISA KEV

netgear Vulnerabilities

CVE security advisories and vulnerability history for netgear.

1,326

Total CVEs

Published

8

In CISA KEV

Exploited in the wild

200

Public exploits

With known exploit

7.3

Avg CVSS

2002–2026

Overview

netgear has 1,326 published CVE records since 2002, of which 8 are in CISA's Known Exploited Vulnerabilities catalog and 200 have a known public exploit. The average CVSS base score across scored CVEs is 7.3.

This page aggregates every publicly disclosed vulnerability (CVE) affecting netgear products, with severity breakdowns, the most-affected products, the most common weakness types, and the latest disclosures.

Severity and exploitation

How the CVSS severity of netgear's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical153

High453

Medium494

Low28

198 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

8

8 of netgear's CVEs are confirmed exploited in the wild.

Public exploits

200

200 of netgear's CVEs have a known public exploit available.

Most affected products

The netgear products with the most published CVEs.

r7800 firmware245 CVEs
r7800245 CVEs
r9000215 CVEs
r9000 firmware215 CVEs
r6700174 CVEs
r6700 firmware173 CVEs
d7800172 CVEs
d7800 firmware172 CVEs

Common weakness types

The CWE weakness categories most often found in netgear CVEs. Follow any weakness for its full explanation.

CNAs that assign these CVEs

The CVE Numbering Authorities that publish netgear CVE records.

Disclosure activity by year

How many netgear CVEs were published each year.

2019

23

2020

631

2021

285

2022

46

2023

63

2024

118

2025

68

2026

9

Latest netgear CVEs

The most recently disclosed vulnerabilities affecting netgear.

High vulnerability · 2026-01-30
CWE-1242
High · CVSS 8.7
EPSS 0.1%2026-01-30
High vulnerability · 2026-01-28
CWE-295
High · CVSS 7.7
EPSS 0.1%2026-01-28
High vulnerability · 2026-01-28
CWE-77
High · CVSS 7.7
EPSS 2.4%2026-01-28
Insufficient input validation in NETGEAR Orbi routers
CWE-20
Medium · CVSS 4.8
EPSS 0.2%2026-01-13
Path traversal vulnerability in Netgear WiFi Range Extenders
CWE-287
Medium · CVSS 6.1
EPSS 0.1%2026-01-13
Authentication bypass in NETGEAR WiFi Range Extenders via network adjacent attacks
CWE-287
Medium · CVSS 6.1
EPSS 0.1%2026-01-13
Insufficient input validation in NETGEAR Nighthawk router XR1000v2
CWE-20
Medium · CVSS 6.1
EPSS 0.0%2026-01-13
Authentication Bypass in NETGEAR Orbi Devices
CWE-287
Medium · CVSS 6.1
EPSS 0.0%2026-01-13
Insufficient input validation in NETGEAR Orbi routers
CWE-20
Low · CVSS 1.1
EPSS 0.1%2026-01-13
Critical vulnerability · 2025-12-23
CWE-77
Critical · CVSS 9.8
EPSS 0.2%2025-12-23
Medium vulnerability · 2025-12-23
CWE-77
Medium · CVSS 6.5
EPSS 1.0%2025-12-23
Improper input validation in NETGEAR Nighthawk routers
CWE-20
Medium · CVSS 4.4
EPSS 0.1%2025-12-09

Track new netgear CVEs as they are disclosed and get AI-written analysis and remediation guidance.

Monitor netgear CVEs

Other vendors

Browse vulnerabilities for other tracked vendors.

code-projects1,391 CVEs GitLab1,390 CVEs Red Hat1,386 CVEs Samsung Mobile1,301 CVEs gitlab-org1,296 CVEs suse1,285 CVEs gnu1,241 CVEs totolink1,231 CVEs

Browse all vendors

Frequently asked questions

Common questions about netgear vulnerabilities.

How many CVEs does netgear have?

netgear has 1,326 published CVE records since 2002, including 77 in the last two years.

How many netgear CVEs are in CISA KEV?

Yes — 8 of netgear's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.

Which netgear products have the most CVEs?

The netgear products with the most published CVEs are r7800 firmware, r7800, r9000, r9000 firmware, r6700.

What are the most common weakness types in netgear CVEs?

netgear's CVEs most often map to these CWE weakness types: CWE-120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')), CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-121 (Stack-based Buffer Overflow), CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')).

Are there public exploits for netgear vulnerabilities?

Yes — 200 of netgear's CVEs have a known public exploit.

How many critical netgear vulnerabilities are there?

netgear has 153 critical and 453 high-severity CVEs.

What is the average severity of netgear CVEs?

The average CVSS base score across netgear's scored CVEs is 7.3.

References

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track netgear vulnerabilities

Monitor new netgear vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing