Vulnerability-Lookup

BDU:2026-00542

Vulnerability from fstec - Published: 13.01.2026

Title

Уязвимость микропрограммного обеспечения Wi-Fi систем Netgear Orbi, связанная с недостатками процедуры аутентификации, позволяющая нарушителю повысить свои привилегии

Description

Уязвимость микропрограммного обеспечения Wi-Fi систем Netgear Orbi связана с недостатками процедуры аутентификации. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, повысить свои привилегии

Severity ?


                    
                      AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

NETGEAR

Software Name

CBR750, NBR750, RBE370, RBE371, RBE372, RBE373, RBE374, RBE770, RBE771, RBE772, RBE773, RBE970, RBE971, RBR750, RBR840, RBR850, RBR860, RBS750, RBS840, RBS850, RBS860, RBRE950, RBRE960, RBSE950, RBSE960

Software Version

до 4.6.14.8 (CBR750), до 4.6.15.14 (NBR750), до 12.1.3.11 (RBE370), до 12.1.3.11 (RBE371), до 12.1.3.11 (RBE372), до 12.1.3.11 (RBE373), до 12.1.3.11 (RBE374), до 10.5.20.7 (RBE770), до 10.5.20.7 (RBE771), до 10.5.20.7 (RBE772), до 10.5.20.7 (RBE773), до 9.13.2.1 (RBE970), до 9.13.2.1 (RBE971), до 7.2.8.2 (RBR750), до 7.2.8.2 (RBR840), до 7.2.8.2 (RBR850), до 7.2.8.2 (RBR860), до 7.2.8.2 (RBS750), до 7.2.8.2 (RBS840), до 7.2.8.2 (RBS850), до 7.2.8.2 (RBS860), до 7.2.8.2 (RBRE950), до 7.2.8.2 (RBRE960), до 7.2.8.2 (RBSE950), до 7.2.8.2 (RBSE960)

Possible Mitigations

Использование рекомендаций производителя: https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory

Reference

https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory

CWE

CWE-287

JSON

To clipboard

{
  "CVSS 2.0": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "NETGEAR",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 4.6.14.8 (CBR750), \u0434\u043e 4.6.15.14 (NBR750), \u0434\u043e 12.1.3.11 (RBE370), \u0434\u043e 12.1.3.11 (RBE371), \u0434\u043e 12.1.3.11 (RBE372), \u0434\u043e 12.1.3.11 (RBE373), \u0434\u043e 12.1.3.11 (RBE374), \u0434\u043e 10.5.20.7 (RBE770), \u0434\u043e 10.5.20.7 (RBE771), \u0434\u043e 10.5.20.7 (RBE772), \u0434\u043e 10.5.20.7 (RBE773), \u0434\u043e 9.13.2.1 (RBE970), \u0434\u043e 9.13.2.1 (RBE971), \u0434\u043e 7.2.8.2 (RBR750), \u0434\u043e 7.2.8.2 (RBR840), \u0434\u043e 7.2.8.2 (RBR850), \u0434\u043e 7.2.8.2 (RBR860), \u0434\u043e 7.2.8.2 (RBS750), \u0434\u043e 7.2.8.2 (RBS840), \u0434\u043e 7.2.8.2 (RBS850), \u0434\u043e 7.2.8.2 (RBS860), \u0434\u043e 7.2.8.2 (RBRE950), \u0434\u043e 7.2.8.2 (RBRE960), \u0434\u043e 7.2.8.2 (RBSE950), \u0434\u043e 7.2.8.2 (RBSE960)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "13.01.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "19.01.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "19.01.2026",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2026-00542",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2026-0405",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "CBR750, NBR750, RBE370, RBE371, RBE372, RBE373, RBE374, RBE770, RBE771, RBE772, RBE773, RBE970, RBE971, RBR750, RBR840, RBR850, RBR860, RBS750, RBS840, RBS850, RBS860, RBRE950, RBRE960, RBSE950, RBSE960",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Wi-Fi \u0441\u0438\u0441\u0442\u0435\u043c Netgear Orbi, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f (CWE-287)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Wi-Fi \u0441\u0438\u0441\u0442\u0435\u043c Netgear Orbi \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-287",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,3)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}

CVE-2026-0405 (GCVE-0-2026-0405)

Vulnerability from cvelistv5 – Published: 2026-01-13 16:00 – Updated: 2026-02-26 15:04

Title

Authentication Bypass in NETGEAR Orbi Devices

Summary

An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin.

Severity ?

6.1 (Medium)


                        
                          CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber

CWE

CWE-287 - Improper Authentication

Assigner

NETGEAR

References

URL

Tags

	https://www.netgear.com/support/product/rbe971	patchproduct
	https://www.netgear.com/support/product/rbe970	patchproduct
	https://www.netgear.com/support/product/cbr750	patchproduct
	https://www.netgear.com/support/product/nbr750	patchproduct
	https://www.netgear.com/support/product/rbe770	patchproduct
	https://www.netgear.com/support/product/rbe771	patchproduct
	https://www.netgear.com/support/product/rbe772	patchproduct
	https://www.netgear.com/support/product/rbe773	patchproduct
	https://www.netgear.com/support/product/rbr750	patchproduct
	https://www.netgear.com/support/product/rbs750	patchproduct
	https://www.netgear.com/support/product/rbr840	patchproduct
	https://www.netgear.com/support/product/rbs840	patchproduct
	https://www.netgear.com/support/product/rbr850	patchproduct
	https://www.netgear.com/support/product/rbs850	patchproduct
	https://www.netgear.com/support/product/rbr860	patchproduct
	https://www.netgear.com/support/product/rbs860	patchproduct
	https://www.netgear.com/support/product/rbre950	patchproduct
	https://www.netgear.com/support/product/rbse950	patchproduct
	https://www.netgear.com/support/product/rbre960	patchproduct
	https://www.netgear.com/support/product/rbse960	patchproduct
	https://www.netgear.com/support/product/rbe370	patchproduct
	https://www.netgear.com/support/product/rbe371	patchproduct
	https://www.netgear.com/support/product/rbe372	patchproduct
	https://www.netgear.com/support/product/rbe373	patchproduct
	https://www.netgear.com/support/product/rbe374	patchproduct
	https://kb.netgear.com/000070442/January-2026-NET…	vendor-advisory

Impacted products

Vendor

Product

Version

NETGEAR

RBE970

Affected: 0 , < v9.13.2.1 (custom)

NETGEAR	RBE971	Affected: 0 , < v9.13.2.1 (custom)
NETGEAR	CBR750	Affected: 0 , < V4.6.14.8 (custom)
NETGEAR	NBR750	Affected: 0 , < V4.6.15.14 (custom)
NETGEAR	RBE770	Affected: 0 , < v10.5.20.7 (custom)
NETGEAR	RBE771	Affected: 0 , < v10.5.20.7 (custom)
NETGEAR	RBE772	Affected: 0 , < v10.5.20.7 (custom)
NETGEAR	RBE773	Affected: 0 , < v10.5.20.7 (custom)
NETGEAR	RBR750	Affected: 0 , < v7.2.8.2 (custom)
NETGEAR	RBS750	Affected: 0 , < v7.2.8.2 (custom)
NETGEAR	RBR840	Affected: 0 , < v7.2.8.2 (custom)
NETGEAR	RBS840	Affected: 0 , < v7.2.8.2 (custom)
NETGEAR	RBR850	Affected: 0 , < v7.2.8.2 (custom)
NETGEAR	RBS850	Affected: 0 , < v7.2.8.2 (custom)
NETGEAR	RBR860	Affected: 0 , < v7.2.8.2 (custom)
NETGEAR	RBS860	Affected: 0 , < v7.2.8.2 (custom)
NETGEAR	RBRE950	Affected: 0 , < v7.2.8.2 (custom)
NETGEAR	RBSE950	Affected: 0 , < v7.2.8.2 (custom)
NETGEAR	RBRE960	Affected: 0 , < v7.2.8.2 (custom)
NETGEAR	RBSE960	Affected: 0 , < v7.2.8.2 (custom)
NETGEAR	RBE370	Affected: 0 , < v12.1.3.11 (custom)
NETGEAR	RBE371	Affected: 0 , < v12.1.3.11 (custom)
NETGEAR	RBE372	Affected: 0 , < v12.1.3.11 (custom)
NETGEAR	RBE373	Affected: 0 , < v12.1.3.11 (custom)
NETGEAR	RBE374	Affected: 0 , < v12.1.3.11 (custom)

Date Public ?

2026-01-13 16:00

Credits

Fulaige

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0405",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-14T04:57:26.552144Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T15:04:44.730Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "RBE970",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v9.13.2.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBE971",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v9.13.2.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CBR750",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "V4.6.14.8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "NBR750",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "V4.6.15.14",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBE770",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v10.5.20.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBE771",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v10.5.20.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBE772",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v10.5.20.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBE773",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v10.5.20.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBR750",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v7.2.8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBS750",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v7.2.8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBR840",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v7.2.8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBS840",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v7.2.8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBR850",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v7.2.8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBS850",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v7.2.8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBR860",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v7.2.8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBS860",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v7.2.8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBRE950",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v7.2.8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBSE950",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v7.2.8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBRE960",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v7.2.8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBSE960",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v7.2.8.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBE370",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v12.1.3.11",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBE371",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v12.1.3.11",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBE372",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v12.1.3.11",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBE373",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v12.1.3.11",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RBE374",
          "vendor": "NETGEAR",
          "versions": [
            {
              "lessThan": "v12.1.3.11",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbe970:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v9.13.2.1",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbe971:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v9.13.2.1",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:cbr750:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v4.6.14.8",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:nbr750:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v4.6.15.14",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbe770:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v10.5.20.7",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbe771:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v10.5.20.7",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbe772:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v10.5.20.7",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbe773:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v10.5.20.7",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v7.2.8.2",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v7.2.8.2",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbr840:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v7.2.8.2",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbs840:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v7.2.8.2",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v7.2.8.2",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v7.2.8.2",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbr860:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v7.2.8.2",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbs860:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v7.2.8.2",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbre950:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v7.2.8.2",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbse950:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v7.2.8.2",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbre960:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v7.2.8.2",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbse960:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v7.2.8.2",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbe370:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v12.1.3.11",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbe371:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v12.1.3.11",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbe372:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v12.1.3.11",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbe373:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v12.1.3.11",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:h:netgear:rbe374:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v12.1.3.11",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Fulaige"
        }
      ],
      "datePublic": "2026-01-13T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eAn authentication bypass vulnerability in NETGEAR Orbi devices allows \nusers connected to the local network to access the router web interface \nas an admin.\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "An authentication bypass vulnerability in NETGEAR Orbi devices allows \nusers connected to the local network to access the router web interface \nas an admin."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115 Authentication Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "LOW",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287 Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-13T16:21:13.069Z",
        "orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
        "shortName": "NETGEAR"
      },
      "references": [
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbe971"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbe970"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/cbr750"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/nbr750"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbe770"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbe771"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbe772"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbe773"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbr750"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbs750"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbr840"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbs840"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbr850"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbs850"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbr860"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbs860"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbre950"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbse950"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbre960"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbse960"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbe370"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbe371"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbe372"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbe373"
        },
        {
          "tags": [
            "patch",
            "product"
          ],
          "url": "https://www.netgear.com/support/product/rbe374"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch \napplied. If not, please check the firmware version and update it to the \nlatest.\u003c/p\u003e\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003e\u003cspan\u003eCBR750 f\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/cbr750\"\u003eirmware V4.6.14.8 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eNBR750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/nbr750\"\u003efirmware V4.6.15.14 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE370 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe370\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE371 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe371\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE372 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe372\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE373 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe373\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE374 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe374\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE770 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe770\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE771 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe771\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE772 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe772\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE773 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe773\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE970\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe970\"\u003efirmware v9.13.2.1 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE971 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe971\"\u003efirmware v9.13.2.1 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr750\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR840 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr840\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR850 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr850\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR860 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr860\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs750\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS840 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs840\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS850 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs850\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS860 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs860\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE950 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbre950\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE960 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbre960\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE950 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbse950\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE960 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbse960\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "Devices with automatic updates enabled may already have this patch \napplied. If not, please check the firmware version and update it to the \nlatest.\n\nFixed in:\n\nCBR750 f irmware V4.6.14.8 or later https://www.netgear.com/support/product/cbr750 \nNBR750  firmware V4.6.15.14 or later https://www.netgear.com/support/product/nbr750 \nRBE370  firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe370 \nRBE371  firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe371 \nRBE372  firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe372 \nRBE373  firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe373 \nRBE374  firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe374 \nRBE770  firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe770 \nRBE771  firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe771 \nRBE772  firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe772 \nRBE773  firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe773 \nRBE970\u00a0 firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe970 \nRBE971  firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe971 \nRBR750  firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr750 \nRBR840  firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr840 \nRBR850  firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr850 \nRBR860  firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr860 \nRBS750  firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs750 \nRBS840  firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs840 \nRBS850  firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs850 \nRBS860  firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs860 \nRBRE950  firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre950 \nRBRE960  firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre960 \nRBSE950  firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse950 \nRBSE960  firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse960"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Authentication Bypass in NETGEAR Orbi Devices",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
    "assignerShortName": "NETGEAR",
    "cveId": "CVE-2026-0405",
    "datePublished": "2026-01-13T16:00:48.296Z",
    "dateReserved": "2025-12-03T04:16:11.511Z",
    "dateUpdated": "2026-02-26T15:04:44.730Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2026-00542

CVE-2026-0405 (GCVE-0-2026-0405)

Tags

Sightings

Nomenclature