CVE-2026-0405
Authentication Bypass in NETGEAR Orbi Devices
An authentication bypass vulnerability in NETGEAR Orbi devices allows
users connected to the local network to access the router web interface
as an admin.
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber
Produtos afetados
NETGEAR · CBR750NETGEAR · NBR750NETGEAR · RBE370NETGEAR · RBE371NETGEAR · RBE372NETGEAR · RBE373NETGEAR · RBE374NETGEAR · RBE770NETGEAR · RBE771NETGEAR · RBE772NETGEAR · RBE773NETGEAR · RBE970NETGEAR · RBE971NETGEAR · RBR750NETGEAR · RBR840NETGEAR · RBR850NETGEAR · RBR860NETGEAR · RBRE950NETGEAR · RBRE960NETGEAR · RBS750NETGEAR · RBS840NETGEAR · RBS850NETGEAR · RBS860NETGEAR · RBSE950NETGEAR · RBSE960Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisoryhttps://www.netgear.com/support/product/cbr750https://www.netgear.com/support/product/nbr750https://www.netgear.com/support/product/rbe370https://www.netgear.com/support/product/rbe371https://www.netgear.com/support/product/rbe372https://www.netgear.com/support/product/rbe373https://www.netgear.com/support/product/rbe374https://www.netgear.com/support/product/rbe770https://www.netgear.com/support/product/rbe771https://www.netgear.com/support/product/rbe772https://www.netgear.com/support/product/rbe773