CVE-2026-0405
Severity CVSS v4.0:
MEDIUM
Type:
CWE-287
Authentication Issues
Publication date:
13/01/2026
Last modified:
14/01/2026
Description
An authentication bypass vulnerability in NETGEAR Orbi devices allows <br />
users connected to the local network to access the router web interface <br />
as an admin.
References to Advisories, Solutions, and Tools
- https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory
- https://www.netgear.com/support/product/cbr750
- https://www.netgear.com/support/product/nbr750
- https://www.netgear.com/support/product/rbe370
- https://www.netgear.com/support/product/rbe371
- https://www.netgear.com/support/product/rbe372
- https://www.netgear.com/support/product/rbe373
- https://www.netgear.com/support/product/rbe374
- https://www.netgear.com/support/product/rbe770
- https://www.netgear.com/support/product/rbe771
- https://www.netgear.com/support/product/rbe772
- https://www.netgear.com/support/product/rbe773
- https://www.netgear.com/support/product/rbe970
- https://www.netgear.com/support/product/rbe971
- https://www.netgear.com/support/product/rbr750
- https://www.netgear.com/support/product/rbr840
- https://www.netgear.com/support/product/rbr850
- https://www.netgear.com/support/product/rbr860
- https://www.netgear.com/support/product/rbre950
- https://www.netgear.com/support/product/rbre960
- https://www.netgear.com/support/product/rbs750
- https://www.netgear.com/support/product/rbs840
- https://www.netgear.com/support/product/rbs850
- https://www.netgear.com/support/product/rbs860
- https://www.netgear.com/support/product/rbse950
- https://www.netgear.com/support/product/rbse960