CNNVD-202601-4699 Information
CNNVD ID
CNNVD-202601-4699
Related CVE
- CNNVD Published: 2026-01-28
Description (Chinese)
NETGEAR R6260等都是美国网件(NETGEAR)公司的产品。NETGEAR R6260是一款路由器。NETGEAR R6230是一款路由器。Netgear R7000等都是美国网件(Netgear)公司的产品。Netgear R7000是一款无线路由器。 NETGEAR多款产品存在安全漏洞,该漏洞源于FunJSQ模块的自动更新机制未正确验证TLS证书,可能导致攻击者拦截更新请求并执行任意代码。以下产品及版本受到影响:R6230 1.1.0.112之前版本、R6260 1.1.0.88之前版本、R7000 1.0.11.134之前版本、R8900 1.0.5.42之前版本、R9000 1.0.5.42之前版本、XR300 1.0.3.72之前版本、Orbi RBR20 2.7.2.26之前版本、RBR50 2.7.4.26之前版本、RBS20 2.7.2.26之前版本和RBS50 2.7.4.26之前版本。
Description (English)
NETGEAR R6260, etc., are products of NETGEAR. NETGEAR R6260 is a router. NETGEAR R6230 is a router. Netgear R7000, for example, is a product of Netgear. Netgear R7000 is a wireless router. NETGEAR has a safety gap in a number of products, which stems from the fact that the automated updating mechanism of the FunJSQ module does not correctly validate the TLS certificate, which could lead to an attacker intercepting an update request and enforcing an arbitrary code. The following products and versions were affected: R6230 1.1.0112, R6260 1.1.1.0.88, R7000 1.0.11.134, R8900 1.0.5.42, R9000 1.5.42, XR 300 1.0.72, Orbi RBR 20 2.7.2.26, RBR 50 2.7.4.26, RBS 2.7.2.26 and RBS 50 2.7.4.26.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
网件
Published
2026-01-28
Last Modified
2026-02-24
References
https://kb.netgear.com/000065132/Security-Advisory-for-Vulnerabilities-in-FunJSQ-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2022-0117 https://www.onekey.com/resource/security-advisory-netgear-routers-funjsq-vulnerabilities