CVE-2026-0405

7.8 HIGH

Published: January 13, 2026 Modified: February 12, 2026

Description

An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Vendor Advisory

https://www.netgear.com/support/product/cbr750

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/nbr750

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbe370

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbe371

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbe372

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbe373

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbe374

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbe770

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbe771

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbe772

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbe773

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbe970

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbe971

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbr750

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbr840

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbr850

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbr860

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbre950

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbre960

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbs750

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbs840

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbs850

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbs860

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbse950

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

https://www.netgear.com/support/product/rbse960

Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Patch Product

26 reference(s) from NVD

Quick Stats

CVSS v3 Score

7.8 / 10.0

EPSS (Exploit Probability)

0.0%

9th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-287

Affected Vendors

netgear

Related CVEs

CVE-2026-4590 3.1

CVE-2026-4404 N/A

CVE-2026-33485 7.5

CVE-2026-33483 7.5

CVE-2026-33482 8.1