8
CVE-2026-0408
- EPSS 0.06%
- Veröffentlicht 13.01.2026 16:16:11
- Zuletzt bearbeitet 20.02.2026 19:41:22
- Quelle a2826606-91e7-4eb6-899e-8484bd
- CVE-Watchlists
- Unerledigt
Path traversal vulnerability in Netgear WiFi Range Extenders
A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Netgear ≫ Ex2800 Firmware Version < 1.0.1.82
Netgear ≫ Ex3110 Firmware Version < 1.0.1.82
Netgear ≫ Ex5000 Firmware Version < 1.0.1.82
Netgear ≫ Ex6110 Firmware Version < 1.0.1.82
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.184 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8 | 2.1 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| a2826606-91e7-4eb6-899e-8484bd4575d5 | 6.1 | 0 | 0 |
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.