7.8
CVE-2026-0405
- EPSS 0.33%
- Veröffentlicht 13.01.2026 16:16:10
- Zuletzt bearbeitet 12.02.2026 17:40:40
- Quelle a2826606-91e7-4eb6-899e-8484bd
- CVE-Watchlists
- Unerledigt
Authentication Bypass in NETGEAR Orbi Devices
An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Netgear ≫ Cbr750 Firmware Version < 4.6.14.8
Netgear ≫ Nbr750 Firmware Version < 4.6.15.14
Netgear ≫ Rbe370 Firmware Version < 12.1.3.11
Netgear ≫ Rbe371 Firmware Version < 12.1.3.11
Netgear ≫ Rbe372 Firmware Version < 12.1.3.11
Netgear ≫ Rbe373 Firmware Version < 12.1.3.11
Netgear ≫ Rbe374 Firmware Version < 12.1.3.11
Netgear ≫ Rbe770 Firmware Version < 10.5.20.7
Netgear ≫ Rbe771 Firmware Version < 10.5.20.7
Netgear ≫ Rbe772 Firmware Version < 10.5.20.7
Netgear ≫ Rbe773 Firmware Version < 10.5.20.7
Netgear ≫ Rbe970 Firmware Version < 9.13.2.1
Netgear ≫ Rbe971 Firmware Version < 9.13.2.1
Netgear ≫ Rbr750 Firmware Version < 7.2.8.2
Netgear ≫ Rbr840 Firmware Version < 7.2.8.2
Netgear ≫ Rbr850 Firmware Version < 7.2.8.2
Netgear ≫ Rbr860 Firmware Version < 7.2.8.2
Netgear ≫ Rbs750 Firmware Version < 7.2.8.2
Netgear ≫ Rbs840 Firmware Version < 7.2.8.2
Netgear ≫ Rbs850 Firmware Version < 7.2.8.2
Netgear ≫ Rbs860 Firmware Version < 7.2.8.2
Netgear ≫ Rbre950 Firmware Version < 7.2.8.2
Netgear ≫ Rbre960 Firmware Version < 7.2.8.2
Netgear ≫ Rbse950 Firmware Version < 7.2.8.2
Netgear ≫ Rbse960 Firmware Version < 7.2.8.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.245 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| a2826606-91e7-4eb6-899e-8484bd4575d5 | 6.1 | 0 | 0 |
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
https://www.netgear.com/support/product/rbe970
https://www.netgear.com/support/product/rbe971
https://www.netgear.com/support/product/rbr750
https://www.netgear.com/support/product/rbr850
https://www.netgear.com/support/product/rbr860
https://www.netgear.com/support/product/rbre960
https://www.netgear.com/support/product/rbs750
https://www.netgear.com/support/product/rbs850
https://www.netgear.com/support/product/rbs860
https://www.netgear.com/support/product/rbse960
https://www.netgear.com/support/product/rbr840
https://www.netgear.com/support/product/rbre950
https://www.netgear.com/support/product/rbs840
https://www.netgear.com/support/product/rbse950
https://www.netgear.com/support/product/cbr750
https://www.netgear.com/support/product/nbr750
https://www.netgear.com/support/product/rbe370
https://www.netgear.com/support/product/rbe371
https://www.netgear.com/support/product/rbe372
https://www.netgear.com/support/product/rbe373
https://www.netgear.com/support/product/rbe374
https://www.netgear.com/support/product/rbe770
https://www.netgear.com/support/product/rbe771
https://www.netgear.com/support/product/rbe772
https://www.netgear.com/support/product/rbe773
https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory