Router CVE Weekly Digest — Week of Jan 26, 2026

Published January 26, 2026 · RouterCVE Weekly Digest

6 CVEs · 1 Critical · 4 High

Affected Vendors

  • Fortinet: 1 CVE (1 Critical)
  • TP-Link: 2 CVEs (2 High)
  • NETGEAR: 3 CVEs (2 High, 1 None)

This week brought six new router and network appliance vulnerabilities, with one critical issue demanding immediate attention. A critical authentication bypass in Fortinet FortiAnalyzer tops the list, while TP-Link users face two high-severity flaws affecting popular surveillance and mobile gateway products.

Critical Priority

CVE-2026-24858 (CVSS 9.8) is the standout threat this week. This authentication bypass vulnerability affects Fortinet FortiAnalyzer across multiple versions (7.2.x, 7.4.x, and 7.6.x through 7.6.5), allowing unauthenticated attackers to bypass security controls and gain unauthorized access. If you manage FortiAnalyzer instances, check your current firmware version immediately and apply patches from Fortinet as soon as they become available. This should be treated as a drop-everything priority.

High-Severity Alerts

TP-Link users: Two high-severity vulnerabilities require attention. CVE-2026-1457 affects the VIGI C385 V1 camera system, where a buffer handling flaw in the Web API can lead to remote code execution if an authenticated user provides specially crafted input. CVE-2025-14756 targets the Archer MR600 v5 mobile gateway, exposing a command injection flaw in the admin interface. Both require authentication but can result in system compromise. Check your firmware versions and look for updates from TP-Link.

NETGEAR warning: Two high-severity issues stem from FunJSQ, a third-party module used in select NETGEAR routers and Orbi systems. CVE-2022-40620 involves improper TLS certificate validation during updates, while CVE-2022-40619 exposes an unauthenticated HTTP server over LAN. Additionally, CVE-2026-24714 affects end-of-service NETGEAR products with insecure telnet activation via magic packets—a low-risk issue for devices no longer receiving support, but worth noting if legacy hardware remains deployed.