CVE-2026-0405
Authentication Bypass in NETGEAR Orbi Devices
An authentication bypass vulnerability in NETGEAR Orbi devices allows
users connected to the local network to access the router web interface
as an admin.
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber
Productos afectados
NETGEAR · CBR750NETGEAR · NBR750NETGEAR · RBE370NETGEAR · RBE371NETGEAR · RBE372NETGEAR · RBE373NETGEAR · RBE374NETGEAR · RBE770NETGEAR · RBE771NETGEAR · RBE772NETGEAR · RBE773NETGEAR · RBE970NETGEAR · RBE971NETGEAR · RBR750NETGEAR · RBR840NETGEAR · RBR850NETGEAR · RBR860NETGEAR · RBRE950NETGEAR · RBRE960NETGEAR · RBS750NETGEAR · RBS840NETGEAR · RBS850NETGEAR · RBS860NETGEAR · RBSE950NETGEAR · RBSE960¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisoryhttps://www.netgear.com/support/product/cbr750https://www.netgear.com/support/product/nbr750https://www.netgear.com/support/product/rbe370https://www.netgear.com/support/product/rbe371https://www.netgear.com/support/product/rbe372https://www.netgear.com/support/product/rbe373https://www.netgear.com/support/product/rbe374https://www.netgear.com/support/product/rbe770https://www.netgear.com/support/product/rbe771https://www.netgear.com/support/product/rbe772https://www.netgear.com/support/product/rbe773