CNNVD-202601-4700 Information
CNNVD ID
CNNVD-202601-4700
Related CVE
- CNNVD Published: 2026-01-28
Description (Chinese)
NETGEAR R6260等都是美国网件(NETGEAR)公司的产品。NETGEAR R6260是一款路由器。NETGEAR R6230是一款路由器。Netgear R7000等都是美国网件(Netgear)公司的产品。Netgear R7000是一款无线路由器。 NETGEAR多款产品存在安全漏洞,该漏洞源于FunJSQ模块的funjsq_access_token参数存在未经验证的任意命令注入。以下产品及版本受到影响:R6230 1.1.0.112之前版本、R6260 1.1.0.88之前版本、R7000 1.0.11.134之前版本、R8900 1.0.5.42之前版本、R9000 1.0.5.42之前版本、XR300 1.0.3.72之前版本、Orbi RBR20 2.7.2.26之前版本、RBR50 2.7.4.26之前版本、RBS20 2.7.2.26之前版本和RBS50 2.7.4.26之前版本。
Description (English)
NETGEAR R6260, etc., are products of NETGEAR. NETGEAR R6260 is a router. NETGEAR R6230 is a router. Netgear R7000, for example, is a product of Netgear. Netgear R7000 is a wireless router. NETGEAR has a safety loophole in a number of products, which stems from unverified, random command injection of the Funjsq access token parameters of the FunJSQ module. The following products and versions were affected: R6230 1.1.0112, R6260 1.1.1.0.88, R7000 1.0.11.134, R8900 1.0.5.42, R9000 1.5.42, XR 300 1.0.72, Orbi RBR 20 2.7.2.26, RBR 50 2.7.4.26, RBS 2.7.2.26 and RBS 50 2.7.4.26.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
网件
Published
2026-01-28
Last Modified
2026-02-24
References
https://kb.netgear.com/000065132/Security-Advisory-for-Vulnerabilities-in-FunJSQ-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2022-0117 https://www.onekey.com/resource/security-advisory-netgear-routers-funjsq-vulnerabilities