CVE-2026-0405 (GCVE-0-2026-0405)
Vulnerability from cvelistv5 – Published: 2026-01-13 16:00 – Updated: 2026-01-13 18:51
VLAI?
Title
Authentication Bypass in NETGEAR Orbi Devices
Summary
An authentication bypass vulnerability in NETGEAR Orbi devices allows
users connected to the local network to access the router web interface
as an admin.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| NETGEAR | RBE970 |
Affected:
0 , < v9.13.2.1
(custom)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Fulaige
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0405",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T18:50:42.180831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T18:51:16.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RBE970",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.13.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE971",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.13.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.15.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE770",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE771",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE772",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE773",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE370",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE371",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE372",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE373",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE374",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe970:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.13.2.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe971:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.13.2.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:cbr750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v4.6.14.8",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:nbr750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v4.6.15.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe770:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe771:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe772:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe773:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr840:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs840:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbre950:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbse950:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbre960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbse960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe370:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe371:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe372:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe373:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe374:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fulaige"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAn authentication bypass vulnerability in NETGEAR Orbi devices allows \nusers connected to the local network to access the router web interface \nas an admin.\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An authentication bypass vulnerability in NETGEAR Orbi devices allows \nusers connected to the local network to access the router web interface \nas an admin."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:21:13.069Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe971"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe970"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/cbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/nbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe770"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe771"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe772"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe773"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr840"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs840"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr850"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs850"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr860"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs860"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbre950"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbse950"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbre960"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbse960"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe370"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe371"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe372"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe373"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe374"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch \napplied. If not, please check the firmware version and update it to the \nlatest.\u003c/p\u003e\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003e\u003cspan\u003eCBR750 f\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/cbr750\"\u003eirmware V4.6.14.8 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eNBR750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/nbr750\"\u003efirmware V4.6.15.14 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE370 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe370\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE371 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe371\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE372 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe372\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE373 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe373\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE374 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe374\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE770 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe770\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE771 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe771\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE772 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe772\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE773 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe773\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE970\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe970\"\u003efirmware v9.13.2.1 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE971 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe971\"\u003efirmware v9.13.2.1 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr750\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR840 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr840\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR850 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr850\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR860 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr860\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs750\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS840 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs840\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS850 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs850\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS860 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs860\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE950 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbre950\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE960 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbre960\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE950 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbse950\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE960 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbse960\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch \napplied. If not, please check the firmware version and update it to the \nlatest.\n\nFixed in:\n\nCBR750 f irmware V4.6.14.8 or later https://www.netgear.com/support/product/cbr750 \nNBR750 firmware V4.6.15.14 or later https://www.netgear.com/support/product/nbr750 \nRBE370 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe370 \nRBE371 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe371 \nRBE372 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe372 \nRBE373 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe373 \nRBE374 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe374 \nRBE770 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe770 \nRBE771 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe771 \nRBE772 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe772 \nRBE773 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe773 \nRBE970\u00a0 firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe970 \nRBE971 firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe971 \nRBR750 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr750 \nRBR840 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr840 \nRBR850 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr850 \nRBR860 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr860 \nRBS750 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs750 \nRBS840 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs840 \nRBS850 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs850 \nRBS860 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs860 \nRBRE950 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre950 \nRBRE960 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre960 \nRBSE950 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse950 \nRBSE960 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse960"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Authentication Bypass in NETGEAR Orbi Devices",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0405",
"datePublished": "2026-01-13T16:00:48.296Z",
"dateReserved": "2025-12-03T04:16:11.511Z",
"dateUpdated": "2026-01-13T18:51:16.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-0405\",\"sourceIdentifier\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\",\"published\":\"2026-01-13T16:16:10.513\",\"lastModified\":\"2026-01-13T17:15:59.780\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An authentication bypass vulnerability in NETGEAR Orbi devices allows \\nusers connected to the local network to access the router web interface \\nas an admin.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"UNREPORTED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NO\",\"Recovery\":\"USER\",\"valueDensity\":\"DIFFUSE\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"AMBER\"}}]},\"weaknesses\":[{\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"references\":[{\"url\":\"https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/cbr750\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/nbr750\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbe370\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbe371\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbe372\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbe373\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbe374\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbe770\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbe771\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbe772\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbe773\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbe970\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbe971\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbr750\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbr840\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbr850\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbr860\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbre950\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbre960\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbs750\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbs840\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbs850\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbs860\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbse950\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"},{\"url\":\"https://www.netgear.com/support/product/rbse960\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\"}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unaffected\", \"product\": \"RBE970\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v9.13.2.1\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBE971\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v9.13.2.1\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"CBR750\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"V4.6.14.8\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"NBR750\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"V4.6.15.14\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBE770\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v10.5.20.7\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBE771\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v10.5.20.7\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBE772\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v10.5.20.7\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBE773\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v10.5.20.7\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBR750\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v7.2.8.2\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBS750\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v7.2.8.2\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBR840\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v7.2.8.2\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBS840\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v7.2.8.2\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBR850\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v7.2.8.2\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBS850\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v7.2.8.2\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBR860\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v7.2.8.2\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBS860\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v7.2.8.2\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBRE950\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v7.2.8.2\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBSE950\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v7.2.8.2\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBRE960\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v7.2.8.2\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBSE960\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v7.2.8.2\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBE370\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v12.1.3.11\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBE371\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v12.1.3.11\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBE372\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v12.1.3.11\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBE373\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v12.1.3.11\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"RBE374\", \"vendor\": \"NETGEAR\", \"versions\": [{\"lessThan\": \"v12.1.3.11\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbe970:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v9.13.2.1\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbe971:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v9.13.2.1\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:cbr750:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v4.6.14.8\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:nbr750:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v4.6.15.14\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbe770:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v10.5.20.7\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbe771:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v10.5.20.7\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbe772:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v10.5.20.7\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbe773:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v10.5.20.7\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v7.2.8.2\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v7.2.8.2\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbr840:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v7.2.8.2\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbs840:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v7.2.8.2\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v7.2.8.2\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v7.2.8.2\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbr860:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v7.2.8.2\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbs860:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v7.2.8.2\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbre950:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v7.2.8.2\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbse950:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v7.2.8.2\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbre960:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v7.2.8.2\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbse960:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v7.2.8.2\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbe370:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v12.1.3.11\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbe371:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v12.1.3.11\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbe372:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v12.1.3.11\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbe373:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v12.1.3.11\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}, {\"cpeMatch\": [{\"criteria\": \"cpe:2.3:h:netgear:rbe374:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"v12.1.3.11\", \"versionStartIncluding\": \"0\", \"vulnerable\": true}], \"negate\": false, \"operator\": \"OR\"}], \"operator\": \"OR\"}], \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Fulaige\"}], \"datePublic\": \"2026-01-13T16:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"\u003cdiv\u003eAn authentication bypass vulnerability in NETGEAR Orbi devices allows \\nusers connected to the local network to access the router web interface \\nas an admin.\u003c/div\u003e\u003cp\u003e\u003c/p\u003e\"}], \"value\": \"An authentication bypass vulnerability in NETGEAR Orbi devices allows \\nusers connected to the local network to access the router web interface \\nas an admin.\"}], \"impacts\": [{\"capecId\": \"CAPEC-115\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-115 Authentication Bypass\"}]}], \"metrics\": [{\"cvssV4_0\": {\"Automatable\": \"NO\", \"Recovery\": \"USER\", \"Safety\": \"NOT_DEFINED\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"attackVector\": \"ADJACENT\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"exploitMaturity\": \"UNREPORTED\", \"privilegesRequired\": \"LOW\", \"providerUrgency\": \"AMBER\", \"subAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"valueDensity\": \"DIFFUSE\", \"vectorString\": \"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber\", \"version\": \"4.0\", \"vulnAvailabilityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-287\", \"description\": \"CWE-287 Improper Authentication\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"a2826606-91e7-4eb6-899e-8484bd4575d5\", \"shortName\": \"NETGEAR\", \"dateUpdated\": \"2026-01-13T16:21:13.069Z\"}, \"references\": [{\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbe971\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbe970\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/cbr750\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/nbr750\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbe770\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbe771\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbe772\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbe773\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbr750\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbs750\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbr840\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbs840\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbr850\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbs850\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbr860\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbs860\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbre950\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbse950\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbre960\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbse960\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbe370\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbe371\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbe372\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbe373\"}, {\"tags\": [\"patch\", \"product\"], \"url\": \"https://www.netgear.com/support/product/rbe374\"}, {\"tags\": [\"vendor-advisory\"], \"url\": \"https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory\"}], \"solutions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"\u003cp\u003eDevices with automatic updates enabled may already have this patch \\napplied. If not, please check the firmware version and update it to the \\nlatest.\u003c/p\u003e\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003e\u003cspan\u003eCBR750 f\u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/cbr750\\\"\u003eirmware V4.6.14.8 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eNBR750 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/nbr750\\\"\u003efirmware V4.6.15.14 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE370 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbe370\\\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE371 \u003c/span\u003e\u003ca href=\\\"https://www.netgear.com/support/product/rbe371\\\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE372 \u003c/span\u003e\u003ca href=\\\"https://www.netgear.com/support/product/rbe372\\\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE373 \u003c/span\u003e\u003ca href=\\\"https://www.netgear.com/support/product/rbe373\\\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE374 \u003c/span\u003e\u003ca href=\\\"https://www.netgear.com/support/product/rbe374\\\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE770 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbe770\\\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE771 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbe771\\\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE772 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbe772\\\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE773 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbe773\\\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE970\u0026nbsp;\u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbe970\\\"\u003efirmware v9.13.2.1 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE971 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbe971\\\"\u003efirmware v9.13.2.1 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR750 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbr750\\\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR840 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbr840\\\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR850 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbr850\\\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR860 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbr860\\\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS750 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbs750\\\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS840 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbs840\\\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS850 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbs850\\\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS860 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbs860\\\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE950 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbre950\\\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE960 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbre960\\\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE950 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbse950\\\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE960 \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.netgear.com/support/product/rbse960\\\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\"}], \"value\": \"Devices with automatic updates enabled may already have this patch \\napplied. If not, please check the firmware version and update it to the \\nlatest.\\n\\nFixed in:\\n\\nCBR750 f irmware V4.6.14.8 or later https://www.netgear.com/support/product/cbr750 \\nNBR750 firmware V4.6.15.14 or later https://www.netgear.com/support/product/nbr750 \\nRBE370 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe370 \\nRBE371 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe371 \\nRBE372 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe372 \\nRBE373 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe373 \\nRBE374 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe374 \\nRBE770 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe770 \\nRBE771 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe771 \\nRBE772 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe772 \\nRBE773 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe773 \\nRBE970\\u00a0 firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe970 \\nRBE971 firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe971 \\nRBR750 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr750 \\nRBR840 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr840 \\nRBR850 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr850 \\nRBR860 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr860 \\nRBS750 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs750 \\nRBS840 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs840 \\nRBS850 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs850 \\nRBS860 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs860 \\nRBRE950 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre950 \\nRBRE960 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre960 \\nRBSE950 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse950 \\nRBSE960 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse960\"}], \"source\": {\"discovery\": \"EXTERNAL\"}, \"title\": \"Authentication Bypass in NETGEAR Orbi Devices\", \"x_generator\": {\"engine\": \"Vulnogram 0.5.0\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-0405\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-13T18:50:42.180831Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-13T18:50:53.486Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2026-0405\", \"assignerOrgId\": \"a2826606-91e7-4eb6-899e-8484bd4575d5\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"NETGEAR\", \"dateReserved\": \"2025-12-03T04:16:11.511Z\", \"datePublished\": \"2026-01-13T16:00:48.296Z\", \"dateUpdated\": \"2026-01-13T18:51:16.775Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…