CVE-2022-40620
Published: 28 January 2026
Summary
CVE-2022-40620 is a high-severity Improper Certificate Validation (CWE-295) vulnerability in Netgear Rbr20 Firmware. Its CVSS base score is 7.7 (High).
Operationally, it ranks at the 32.2nd percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 CM-14 (Signed Components) and SC-17 (Public Key Infrastructure Certificates).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SC-17 (Public Key Infrastructure Certificates): directly requires establishing requirements for PKI certificates and their proper validation, preventing MITM attacks during TLS-secured update downloads.
- CM-14 (Signed Components): mandates the use of digitally signed firmware components with authenticity validation, blocking installation of malicious update packages delivered over a compromised TLS connection.
- Enforces cryptographic integrity checks on firmware updates to detect and prevent malicious modifications introduced into intercepted downloads.
NVD Description
FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. An attacker (suitably positioned on the network) could intercept the update request and deliver a malicious update package in order to gain arbitrary code execution on affected devices. This affects R6230 before 1.1.0.112, R6260 before 1.1.0.88, R7000 before 1.0.11.134, R8900 before 1.0.5.42, R9000 before 1.0.5.42, and XR300 before 1.0.3.72 and Orbi RBR20 before 2.7.2.26, RBR50 before 2.7.4.26, RBS20 before 2.7.2.26, and RBS50 before 2.7.4.26.
Deeper analysis
CVE-2022-40620 is a vulnerability in the FunJSQ third-party module, which is integrated into select NETGEAR routers and Orbi WiFi Systems. The flaw arises from improper validation of TLS certificates during the auto-update mechanism when downloading update packages. Affected products include NETGEAR R6230 prior to firmware version 1.1.0.112, R6260 prior to 1.1.0.88, R7000 prior to 1.0.11.134, R8900 prior to 1.0.5.42, R9000 prior to 1.0.5.42, XR300 prior to 1.0.3.72, and Orbi RBR20 prior to 2.7.2.26, RBR50 prior to 2.7.4.26, RBS20 prior to 2.7.2.26, and RBS50 prior to 2.7.4.26.
An attacker suitably positioned on the network can intercept the device's update request and deliver a malicious update package, achieving arbitrary code execution on the affected device. The CVSS v3.1 base score of 7.7 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L) indicates network-based exploitation with high attack complexity, requiring no privileges or user interaction, and resulting in high confidentiality and integrity impacts alongside low availability impact. The issue maps to CWE-295 (Improper Certificate Validation).
NETGEAR's security advisory PSV-2022-0117 details the FunJSQ vulnerabilities and associated firmware updates for mitigation on the listed models. Additional analysis is provided in OneKey's security advisory on the topic.
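As an added illustration (not FunJSQ's or NETGEAR's code; the update endpoint, package format and how the expected digest is distributed are assumptions), the Python below places the CWE-295 defect class next to an update client that applies the two controls named above: a TLS context that verifies the server's certificate chain and hostname (SC-17), and an integrity check of the downloaded package before it reaches the installer (standing in for CM-14 signed-component verification).

```python
import hashlib
import hmac
import ssl
import urllib.request
from typing import Optional

# Added example, not FunJSQ's code; endpoint, package format and digest
# distribution are assumptions, not details taken from the advisory.


def weak_context() -> ssl.SSLContext:
    """The CWE-295 defect class: no chain or hostname validation, so any
    on-path party can present its own certificate and serve the 'update'."""
    return ssl._create_unverified_context()


def hardened_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Verify the server's chain and hostname (SC-17). Passing the vendor's
    own CA bundle as cafile pins trust to that PKI instead of the system store."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_verifies_peer(ctx: ssl.SSLContext) -> bool:
    """True only when the context requires a valid chain and checks the hostname."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def package_is_authentic(blob: bytes, expected_sha256_hex: str) -> bool:
    """Integrity check against a digest obtained out of band, standing in for
    CM-14: a real update client verifies a vendor signature over the package."""
    digest = hashlib.sha256(blob).hexdigest()
    return hmac.compare_digest(digest, expected_sha256_hex.lower())


def fetch_update(url: str, expected_sha256_hex: str,
                 ctx: Optional[ssl.SSLContext] = None) -> bytes:
    """Download over a verifying TLS context and refuse a package whose
    integrity check fails, instead of handing it to the installer."""
    ctx = ctx or hardened_context()
    with urllib.request.urlopen(url, context=ctx, timeout=30) as resp:
        blob = resp.read()
    if not package_is_authentic(blob, expected_sha256_hex):
        raise ValueError("update package failed integrity check; not installing")
    return blob
```

`fetch_update` needs network access; the context and digest helpers can be exercised offline with constructed input.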
Details
- CWE(s)