← Back

CVE-2026-0405

nvd nist
Published: Jan 13, 2026Modified: Feb 12, 2026

JSON object

Loading...
6.1
Vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
Show more
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:AmberShow less
Source: a2826606-91e7-4eb6-899e-8484bd4575d5 (Secondary)

Description

An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin.

Affected (25)

Netgear
25 products
Cbr750 Firmware
Nbr750 Firmware
Rbe370 Firmware
Rbe371 Firmware
Rbe372 Firmware
Rbe373 Firmware
Rbe374 Firmware
Rbe770 Firmware
Rbe771 Firmware
Rbe772 Firmware
Rbe773 Firmware
Rbe970 Firmware
Rbe971 Firmware
Rbr750 Firmware
Rbr840 Firmware
Rbr850 Firmware
Rbr860 Firmware
Rbs750 Firmware
Rbs840 Firmware
Rbs850 Firmware
Rbs860 Firmware
Rbre950 Firmware
Rbre960 Firmware
Rbse950 Firmware
Rbse960 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cbr750 Firmware
Before 4.6.14.8
Running on/withPlatform Versions
Netgear
Cbr750
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nbr750 Firmware
Before 4.6.15.14
Running on/withPlatform Versions
Netgear
Nbr750
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbe370 Firmware
Before 12.1.3.11
Running on/withPlatform Versions
Netgear
Rbe370
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbe371 Firmware
Before 12.1.3.11
Running on/withPlatform Versions
Netgear
Rbe371
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbe372 Firmware
Before 12.1.3.11
Running on/withPlatform Versions
Netgear
Rbe372
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbe373 Firmware
Before 12.1.3.11
Running on/withPlatform Versions
Netgear
Rbe373
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbe374 Firmware
Before 12.1.3.11
Running on/withPlatform Versions
Netgear
Rbe374
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbe770 Firmware
Before 10.5.20.7
Running on/withPlatform Versions
Netgear
Rbe770
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbe771 Firmware
Before 10.5.20.7
Running on/withPlatform Versions
Netgear
Rbe771
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbe772 Firmware
Before 10.5.20.7
Running on/withPlatform Versions
Netgear
Rbe772
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbe773 Firmware
Before 10.5.20.7
Running on/withPlatform Versions
Netgear
Rbe773
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbe970 Firmware
Before 9.13.2.1
Running on/withPlatform Versions
Netgear
Rbe970
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbe971 Firmware
Before 9.13.2.1
Running on/withPlatform Versions
Netgear
Rbe971
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbr750 Firmware
Before 7.2.8.2
Running on/withPlatform Versions
Netgear
Rbr750
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbr840 Firmware
Before 7.2.8.2
Running on/withPlatform Versions
Netgear
Rbr840
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbr850 Firmware
Before 7.2.8.2
Running on/withPlatform Versions
Netgear
Rbr850
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbr860 Firmware
Before 7.2.8.2
Running on/withPlatform Versions
Netgear
Rbr860
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbs750 Firmware
Before 7.2.8.2
Running on/withPlatform Versions
Netgear
Rbs750
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbs840 Firmware
Before 7.2.8.2
Running on/withPlatform Versions
Netgear
Rbs840
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbs850 Firmware
Before 7.2.8.2
Running on/withPlatform Versions
Netgear
Rbs850
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbs860 Firmware
Before 7.2.8.2
Running on/withPlatform Versions
Netgear
Rbs860
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbre950 Firmware
Before 7.2.8.2
Running on/withPlatform Versions
Netgear
Rbre950
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbre960 Firmware
Before 7.2.8.2
Running on/withPlatform Versions
Netgear
Rbre960
All versions
Configuration X
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbse950 Firmware
Before 7.2.8.2
Running on/withPlatform Versions
Netgear
Rbse950
All versions
Configuration Y
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbse960 Firmware
Before 7.2.8.2
Running on/withPlatform Versions
Netgear
Rbse960
All versions

Related CWEs

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (26)

Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchVendor Advisory
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct

Timeline

No history available yet.