NETGEAR Orbi 370 Series Command Injection Vulnerability via Intercepted Traffic

Vulnerability

A vulnerability in NETGEAR Orbi 370 series devices, prior to version 12.1.2.7, could allow an attacker to execute commands on the device. This issue arises when the device administrator performs certain management actions, and it requires the attacker to intercept and manipulate traffic between the router and the Internet.

Impact

Exploitation of this vulnerability could lead to unauthorized command execution on the affected device.

Remediation

Users can upgrade to NETGEAR Orbi 370 series firmware version 12.1.2.7 or later to address this vulnerability.

Added: Jun 9, 2026, 9:27 PM
Updated: Jun 9, 2026, 9:27 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 5.8
remediation: 0.0
relevance: 9.4
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.