Search criteria
4 vulnerabilities found for EX5000 by NETGEAR
CVE-2026-0408 (GCVE-0-2026-0408)
Vulnerability from nvd – Published: 2026-01-13 16:01 – Updated: 2026-01-14 04:57
VLAI?
Title
Path traversal vulnerability in Netgear WiFi Range Extenders
Summary
A path traversal vulnerability in NETGEAR WiFi range extenders allows
an attacker with LAN authentication to access the router's IP and
review the contents of the dynamically generated webproc file, which
records the username and password submitted to the router GUI.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
Credits
chiphazard
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0408",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T04:57:22.802Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EX5000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX3110",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6110",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX2800",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex5000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3110:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6110:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex2800:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "chiphazard"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA path traversal vulnerability in NETGEAR WiFi range extenders allows\n an attacker with LAN authentication to access the router\u0027s IP and \nreview the contents of the dynamically generated webproc file, which \nrecords the username and password submitted to the router GUI.\u0026nbsp;\u003c/p\u003e"
}
],
"value": "A path traversal vulnerability in NETGEAR WiFi range extenders allows\n an attacker with LAN authentication to access the router\u0027s IP and \nreview the contents of the dynamically generated webproc file, which \nrecords the username and password submitted to the router GUI."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:22:13.288Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex5000"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3110"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6110"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex2800"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eManually check the firmware version and update it to the latest.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003e\u003cspan\u003eEX2800\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex2800\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX3110\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex3110\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX5000 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex5000\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX6110\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex6110\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Manually check the firmware version and update it to the latest.\n\n\n\n\n\nFixed in:\n\nEX2800\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex2800 \nEX3110\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex3110 \nEX5000 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex5000 \nEX6110\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex6110"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Path traversal vulnerability in Netgear WiFi Range Extenders",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0408",
"datePublished": "2026-01-13T16:01:11.201Z",
"dateReserved": "2025-12-03T04:16:14.964Z",
"dateUpdated": "2026-01-14T04:57:22.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0407 (GCVE-0-2026-0407)
Vulnerability from nvd – Published: 2026-01-13 16:01 – Updated: 2026-01-14 04:57
VLAI?
Title
Authentication bypass in NETGEAR WiFi Range Extenders via network adjacent attacks
Summary
An insufficient authentication vulnerability in NETGEAR WiFi range
extenders allows a network adjacent attacker with WiFi authentication or
a physical Ethernet port connection to bypass the authentication
process and access the admin panel.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
Credits
Mad_Max
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0407",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T04:57:23.822Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EX5000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX3110",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6110",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX2800",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex5000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3110:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6110:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex2800:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mad_Max"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn insufficient authentication vulnerability in NETGEAR WiFi range \nextenders allows a network adjacent attacker with WiFi authentication\u0026nbsp;or\n a physical\u0026nbsp;Ethernet port connection to bypass the authentication \nprocess and access the admin panel.\u003c/p\u003e"
}
],
"value": "An insufficient authentication vulnerability in NETGEAR WiFi range \nextenders allows a network adjacent attacker with WiFi authentication\u00a0or\n a physical\u00a0Ethernet port connection to bypass the authentication \nprocess and access the admin panel."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:21:52.087Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex5000"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3110"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6110"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex2800"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eManually check the firmware version and update it to the latest.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\n\n\u003cp\u003e\u003cspan\u003eEX2800\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex2800\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX3110\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex3110\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX5000 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex5000\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX6110\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex6110\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Manually check the firmware version and update it to the latest.\n\n\n\n\n\nFixed in:\n\n\n\nEX2800\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex2800 \nEX3110\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex3110 \nEX5000 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex5000 \nEX6110\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex6110"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Authentication bypass in NETGEAR WiFi Range Extenders via network adjacent attacks",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0407",
"datePublished": "2026-01-13T16:01:04.157Z",
"dateReserved": "2025-12-03T04:16:13.882Z",
"dateUpdated": "2026-01-14T04:57:23.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0408 (GCVE-0-2026-0408)
Vulnerability from cvelistv5 – Published: 2026-01-13 16:01 – Updated: 2026-01-14 04:57
VLAI?
Title
Path traversal vulnerability in Netgear WiFi Range Extenders
Summary
A path traversal vulnerability in NETGEAR WiFi range extenders allows
an attacker with LAN authentication to access the router's IP and
review the contents of the dynamically generated webproc file, which
records the username and password submitted to the router GUI.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
Credits
chiphazard
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0408",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T04:57:22.802Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EX5000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX3110",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6110",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX2800",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex5000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3110:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6110:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex2800:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "chiphazard"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA path traversal vulnerability in NETGEAR WiFi range extenders allows\n an attacker with LAN authentication to access the router\u0027s IP and \nreview the contents of the dynamically generated webproc file, which \nrecords the username and password submitted to the router GUI.\u0026nbsp;\u003c/p\u003e"
}
],
"value": "A path traversal vulnerability in NETGEAR WiFi range extenders allows\n an attacker with LAN authentication to access the router\u0027s IP and \nreview the contents of the dynamically generated webproc file, which \nrecords the username and password submitted to the router GUI."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:22:13.288Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex5000"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3110"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6110"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex2800"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eManually check the firmware version and update it to the latest.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003e\u003cspan\u003eEX2800\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex2800\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX3110\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex3110\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX5000 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex5000\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX6110\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex6110\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Manually check the firmware version and update it to the latest.\n\n\n\n\n\nFixed in:\n\nEX2800\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex2800 \nEX3110\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex3110 \nEX5000 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex5000 \nEX6110\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex6110"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Path traversal vulnerability in Netgear WiFi Range Extenders",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0408",
"datePublished": "2026-01-13T16:01:11.201Z",
"dateReserved": "2025-12-03T04:16:14.964Z",
"dateUpdated": "2026-01-14T04:57:22.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0407 (GCVE-0-2026-0407)
Vulnerability from cvelistv5 – Published: 2026-01-13 16:01 – Updated: 2026-01-14 04:57
VLAI?
Title
Authentication bypass in NETGEAR WiFi Range Extenders via network adjacent attacks
Summary
An insufficient authentication vulnerability in NETGEAR WiFi range
extenders allows a network adjacent attacker with WiFi authentication or
a physical Ethernet port connection to bypass the authentication
process and access the admin panel.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
Credits
Mad_Max
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0407",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T04:57:23.822Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EX5000",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX3110",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX6110",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EX2800",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v1.0.1.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex5000:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3110:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6110:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex2800:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v1.0.1.82",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mad_Max"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn insufficient authentication vulnerability in NETGEAR WiFi range \nextenders allows a network adjacent attacker with WiFi authentication\u0026nbsp;or\n a physical\u0026nbsp;Ethernet port connection to bypass the authentication \nprocess and access the admin panel.\u003c/p\u003e"
}
],
"value": "An insufficient authentication vulnerability in NETGEAR WiFi range \nextenders allows a network adjacent attacker with WiFi authentication\u00a0or\n a physical\u00a0Ethernet port connection to bypass the authentication \nprocess and access the admin panel."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:21:52.087Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex5000"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex3110"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex6110"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/ex2800"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eManually check the firmware version and update it to the latest.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\n\n\u003cp\u003e\u003cspan\u003eEX2800\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex2800\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX3110\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex3110\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX5000 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex5000\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eEX6110\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/ex6110\"\u003efirmware V1.0.1.82 or later\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Manually check the firmware version and update it to the latest.\n\n\n\n\n\nFixed in:\n\n\n\nEX2800\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex2800 \nEX3110\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex3110 \nEX5000 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex5000 \nEX6110\u00a0 firmware V1.0.1.82 or later https://www.netgear.com/support/product/ex6110"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Authentication bypass in NETGEAR WiFi Range Extenders via network adjacent attacks",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0407",
"datePublished": "2026-01-13T16:01:04.157Z",
"dateReserved": "2025-12-03T04:16:13.882Z",
"dateUpdated": "2026-01-14T04:57:23.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}