Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities found for RBE971 by NETGEAR
CVE-2026-3088 (GCVE-0-2026-3088)
Vulnerability from nvd – Published: 2026-06-09 15:50 – Updated: 2026-06-10 18:10
VLAI
Title
Unauthenticated users can disrupt router operation
Summary
Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds write
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://www.netgear.com/support/product/rbr860/ | productpatch |
| https://www.netgear.com/support/product/rbre950/ | productpatch |
| https://www.netgear.com/support/product/rbre960/ | productpatch |
| https://www.netgear.com/support/product/rbs860/ | productpatch |
| https://www.netgear.com/support/product/rbse960/ | productpatch |
| https://www.netgear.com/support/product/rbse950/ | productpatch |
| https://kb.netgear.com/000070811/June-2026-NETGEA… | vendor-advisory |
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | RBR860 |
Affected:
V6.3.7.10 , < V7.2.7.15
(custom)
|
|
| NETGEAR | RBRE950 |
Affected:
0 , < v7.2.7.15
(custom)
|
|
| NETGEAR | RBRE960 |
Affected:
V6.3.7.10 , < V7.2.7.15
(custom)
|
|
| NETGEAR | RBE970 |
Affected:
V6.3.7.10 , < V9.10.1.4
(custom)
|
|
| NETGEAR | RBE971 |
Affected:
V6.3.7.10 , < V9.10.1.4
(custom)
|
|
| NETGEAR | RBS860 |
Affected:
0 , < V7.2.7.15
(custom)
|
|
| NETGEAR | RBSE950 |
Affected:
0 , < v7.2.7.15
(custom)
|
|
| NETGEAR | RBSE960 |
Affected:
0 , < V7.2.7.15
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3088",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T17:34:47.190713Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T18:39:56.251Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RBR860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.7.15",
"status": "affected",
"version": "V6.3.7.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.7.15",
"status": "affected",
"version": "V6.3.7.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE970",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V9.10.1.4",
"status": "affected",
"version": "V6.3.7.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE971",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V9.10.1.4",
"status": "affected",
"version": "V6.3.7.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "fxc233"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eUnauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests.\u003c/div\u003e"
}
],
"value": "Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T18:10:51.832Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr860/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbre950/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbre960/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs860/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbse960/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbse950/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBE970\u003c/b\u003e Orbi Quad-band Mesh WiFi 7 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe970/\"\u003eV9.10.1.4\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBE971\u003c/b\u003e Orbi Quad-band Mesh WiFi 7 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe971/\"\u003eV9.10.1.4\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBR860\u003c/b\u003e Orbi Tri-band Mesh WiFi 6 Router \u2013 860 Series\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr860/\"\u003eV7.2.7.15\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBRE950\u003c/b\u003e Orbi Quad-band Mesh WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbre950/\"\u003ev7.2.7.15\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBRE960\u003c/b\u003e Orbi Quad-band Mesh WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbre960/\"\u003eV7.2.7.15\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBS860\u003c/b\u003e Orbi Tri-band Mesh WiFi 6 Add-on Satellite \u2013 860 Series\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs860/\"\u003eV7.2.7.15\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBSE950\u003c/b\u003e Orbi Quad-band Mesh WiFi 6E Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbse950/\"\u003ev7.2.7.15\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBSE960\u003c/b\u003e Orbi Quad-band Mesh WiFi 6E Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbse960/\"\u003eV7.2.7.15\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionRBE970 Orbi Quad-band Mesh WiFi 7 Add-on Satellite V9.10.1.4 https://www.netgear.com/support/product/rbe970/ RBE971 Orbi Quad-band Mesh WiFi 7 Router V9.10.1.4 https://www.netgear.com/support/product/rbe971/ RBR860 Orbi Tri-band Mesh WiFi 6 Router \u2013 860 Series V7.2.7.15 https://www.netgear.com/support/product/rbr860/ RBRE950 Orbi Quad-band Mesh WiFi 6E Router v7.2.7.15 https://www.netgear.com/support/product/rbre950/ RBRE960 Orbi Quad-band Mesh WiFi 6E Router V7.2.7.15 https://www.netgear.com/support/product/rbre960/ RBS860 Orbi Tri-band Mesh WiFi 6 Add-on Satellite \u2013 860 Series V7.2.7.15 https://www.netgear.com/support/product/rbs860/ RBSE950 Orbi Quad-band Mesh WiFi 6E Add-on Satellite v7.2.7.15 https://www.netgear.com/support/product/rbse950/ RBSE960 Orbi Quad-band Mesh WiFi 6E Add-on Satellite V7.2.7.15 https://www.netgear.com/support/product/rbse960/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unauthenticated users can disrupt router operation",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-3088",
"datePublished": "2026-06-09T15:50:47.289Z",
"dateReserved": "2026-02-24T00:11:29.678Z",
"dateUpdated": "2026-06-10T18:10:51.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0403 (GCVE-0-2026-0403)
Vulnerability from nvd – Published: 2026-01-13 16:00 – Updated: 2026-02-26 15:04
VLAI
Title
Insufficient input validation in NETGEAR Orbi routers
Summary
An insufficient input validation vulnerability in NETGEAR Orbi routers
allows attackers connected to the router's LAN to execute OS command
injections.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://www.netgear.com/support/product/rbr750 | productpatch |
| https://www.netgear.com/support/product/rbs750 | patchproduct |
| https://www.netgear.com/support/product/rbre960 | productpatch |
| https://www.netgear.com/support/product/rbse960 | productpatch |
| https://www.netgear.com/support/product/rbr850 | productpatch |
| https://www.netgear.com/support/product/rbs850 | productpatch |
| https://www.netgear.com/support/product/rbe971 | productpatch |
| https://www.netgear.com/support/product/rbe970 | productpatch |
| https://www.netgear.com/support/product/rbr860 | productpatch |
| https://www.netgear.com/support/product/rbs860 | productpatch |
| https://kb.netgear.com/000070442/January-2026-NET… | vendor-advisory |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | RBR750 |
Affected:
0 , ≤ 4.6.14.3
(custom)
|
|
| NETGEAR | RBS750 |
Affected:
0 , ≤ 4.6.14.3
(custom)
|
|
| NETGEAR | RBRE960 |
Affected:
0 , < v7.2.7.15
(custom)
|
|
| NETGEAR | RBSE960 |
Affected:
0 , < v7.2.7.15
(custom)
|
|
| NETGEAR | RBR850 |
Affected:
0 , < V7.2.8.5
(custom)
|
|
| NETGEAR | RBS850 |
Affected:
0 , < V7.2.8.5
(custom)
|
|
| NETGEAR | RBE971 |
Affected:
0 , < v9.10.0.2
(custom)
|
|
| NETGEAR | RBE970 |
Affected:
0 , < v9.10.0.2
(custom)
|
|
| NETGEAR | RBR860 |
Affected:
0 , < v7.2.8.5
(custom)
|
|
| NETGEAR | RBS860 |
Affected:
0 , < v7.2.8.5
(custom)
|
Date Public
2026-01-13 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0403",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-14T04:57:20.518970Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:45.176Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS750",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE971",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.10.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE970",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.10.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.6.14.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.6.14.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbre960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.7.15",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbse960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.7.15",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe971:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.10.0.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe970:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.10.0.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "fxc233"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn insufficient input validation vulnerability in NETGEAR Orbi routers \nallows attackers connected to the router\u0027s LAN\u0026nbsp;to execute OS command \ninjections.\u0026nbsp;\u003c/p\u003e"
}
],
"value": "An insufficient input validation vulnerability in NETGEAR Orbi routers \nallows attackers connected to the router\u0027s LAN\u00a0to execute OS command \ninjections."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 1.1,
"baseSeverity": "LOW",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:20:30.263Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs750"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbre960"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbse960"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr850"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs850"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbe971"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbe970"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr860"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs860"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this\npatch applied. If not, please check the firmware version and update it to the\nlatest.\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003e\u003cspan\u003eRBE971 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe971\"\u003efirmware 9.10.0.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE970 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe970\"\u003efirmware 9.10.0.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR750\u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr750\"\u003e firmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR850 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr850\"\u003efirmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR860 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr860\"\u003efirmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS750\u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs750\"\u003e firmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS850 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs850\"\u003efirmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS860 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs860\"\u003efirmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE960 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbre960\"\u003efirmware 7.2.7.15 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE960 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbse960\"\u003efirmware 7.2.7.15 or later\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this\npatch applied. If not, please check the firmware version and update it to the\nlatest.\n\n\n\nFixed in:\n\nRBE971 firmware 9.10.0.2 or later https://www.netgear.com/support/product/rbe971 \nRBE970 firmware 9.10.0.2 or later https://www.netgear.com/support/product/rbe970 \nRBR750 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbr750 \nRBR850 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbr850 \nRBR860 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbr860 \nRBS750 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbs750 \nRBS850 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbs850 \nRBS860 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbs860 \nRBRE960 firmware 7.2.7.15 or later https://www.netgear.com/support/product/rbre960 \nRBSE960 firmware 7.2.7.15 or later https://www.netgear.com/support/product/rbse960"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient input validation in NETGEAR Orbi routers",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0403",
"datePublished": "2026-01-13T16:00:25.831Z",
"dateReserved": "2025-12-03T04:16:02.333Z",
"dateUpdated": "2026-02-26T15:04:45.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0405 (GCVE-0-2026-0405)
Vulnerability from nvd – Published: 2026-01-13 16:00 – Updated: 2026-02-26 15:04
VLAI
Title
Authentication Bypass in NETGEAR Orbi Devices
Summary
An authentication bypass vulnerability in NETGEAR Orbi devices allows
users connected to the local network to access the router web interface
as an admin.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-287 - Improper Authentication
Assigner
References
26 references
Impacted products
25 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | RBE970 |
Affected:
0 , < v9.13.2.1
(custom)
|
|
| NETGEAR | RBE971 |
Affected:
0 , < v9.13.2.1
(custom)
|
|
| NETGEAR | CBR750 |
Affected:
0 , < V4.6.14.8
(custom)
|
|
| NETGEAR | NBR750 |
Affected:
0 , < V4.6.15.14
(custom)
|
|
| NETGEAR | RBE770 |
Affected:
0 , < v10.5.20.7
(custom)
|
|
| NETGEAR | RBE771 |
Affected:
0 , < v10.5.20.7
(custom)
|
|
| NETGEAR | RBE772 |
Affected:
0 , < v10.5.20.7
(custom)
|
|
| NETGEAR | RBE773 |
Affected:
0 , < v10.5.20.7
(custom)
|
|
| NETGEAR | RBR750 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBS750 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBR840 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBS840 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBR850 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBS850 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBR860 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBS860 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBRE950 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBSE950 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBRE960 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBSE960 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBE370 |
Affected:
0 , < v12.1.3.11
(custom)
|
|
| NETGEAR | RBE371 |
Affected:
0 , < v12.1.3.11
(custom)
|
|
| NETGEAR | RBE372 |
Affected:
0 , < v12.1.3.11
(custom)
|
|
| NETGEAR | RBE373 |
Affected:
0 , < v12.1.3.11
(custom)
|
|
| NETGEAR | RBE374 |
Affected:
0 , < v12.1.3.11
(custom)
|
Date Public
2026-01-13 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0405",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-14T04:57:26.552144Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:44.730Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RBE970",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.13.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE971",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.13.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.15.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE770",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE771",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE772",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE773",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE370",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE371",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE372",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE373",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE374",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe970:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.13.2.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe971:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.13.2.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:cbr750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v4.6.14.8",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:nbr750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v4.6.15.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe770:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe771:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe772:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe773:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr840:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs840:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbre950:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbse950:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbre960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbse960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe370:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe371:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe372:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe373:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe374:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fulaige"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAn authentication bypass vulnerability in NETGEAR Orbi devices allows \nusers connected to the local network to access the router web interface \nas an admin.\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An authentication bypass vulnerability in NETGEAR Orbi devices allows \nusers connected to the local network to access the router web interface \nas an admin."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:21:13.069Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe971"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe970"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/cbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/nbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe770"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe771"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe772"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe773"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr840"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs840"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr850"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs850"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr860"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs860"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbre950"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbse950"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbre960"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbse960"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe370"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe371"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe372"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe373"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe374"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch \napplied. If not, please check the firmware version and update it to the \nlatest.\u003c/p\u003e\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003e\u003cspan\u003eCBR750 f\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/cbr750\"\u003eirmware V4.6.14.8 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eNBR750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/nbr750\"\u003efirmware V4.6.15.14 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE370 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe370\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE371 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe371\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE372 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe372\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE373 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe373\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE374 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe374\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE770 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe770\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE771 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe771\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE772 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe772\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE773 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe773\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE970\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe970\"\u003efirmware v9.13.2.1 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE971 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe971\"\u003efirmware v9.13.2.1 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr750\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR840 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr840\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR850 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr850\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR860 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr860\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs750\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS840 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs840\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS850 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs850\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS860 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs860\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE950 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbre950\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE960 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbre960\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE950 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbse950\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE960 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbse960\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch \napplied. If not, please check the firmware version and update it to the \nlatest.\n\nFixed in:\n\nCBR750 f irmware V4.6.14.8 or later https://www.netgear.com/support/product/cbr750 \nNBR750 firmware V4.6.15.14 or later https://www.netgear.com/support/product/nbr750 \nRBE370 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe370 \nRBE371 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe371 \nRBE372 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe372 \nRBE373 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe373 \nRBE374 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe374 \nRBE770 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe770 \nRBE771 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe771 \nRBE772 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe772 \nRBE773 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe773 \nRBE970\u00a0 firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe970 \nRBE971 firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe971 \nRBR750 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr750 \nRBR840 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr840 \nRBR850 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr850 \nRBR860 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr860 \nRBS750 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs750 \nRBS840 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs840 \nRBS850 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs850 \nRBS860 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs860 \nRBRE950 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre950 \nRBRE960 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre960 \nRBSE950 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse950 \nRBSE960 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse960"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Authentication Bypass in NETGEAR Orbi Devices",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0405",
"datePublished": "2026-01-13T16:00:48.296Z",
"dateReserved": "2025-12-03T04:16:11.511Z",
"dateUpdated": "2026-02-26T15:04:44.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3088 (GCVE-0-2026-3088)
Vulnerability from cvelistv5 – Published: 2026-06-09 15:50 – Updated: 2026-06-10 18:10
VLAI
Title
Unauthenticated users can disrupt router operation
Summary
Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds write
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://www.netgear.com/support/product/rbr860/ | productpatch |
| https://www.netgear.com/support/product/rbre950/ | productpatch |
| https://www.netgear.com/support/product/rbre960/ | productpatch |
| https://www.netgear.com/support/product/rbs860/ | productpatch |
| https://www.netgear.com/support/product/rbse960/ | productpatch |
| https://www.netgear.com/support/product/rbse950/ | productpatch |
| https://kb.netgear.com/000070811/June-2026-NETGEA… | vendor-advisory |
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | RBR860 |
Affected:
V6.3.7.10 , < V7.2.7.15
(custom)
|
|
| NETGEAR | RBRE950 |
Affected:
0 , < v7.2.7.15
(custom)
|
|
| NETGEAR | RBRE960 |
Affected:
V6.3.7.10 , < V7.2.7.15
(custom)
|
|
| NETGEAR | RBE970 |
Affected:
V6.3.7.10 , < V9.10.1.4
(custom)
|
|
| NETGEAR | RBE971 |
Affected:
V6.3.7.10 , < V9.10.1.4
(custom)
|
|
| NETGEAR | RBS860 |
Affected:
0 , < V7.2.7.15
(custom)
|
|
| NETGEAR | RBSE950 |
Affected:
0 , < v7.2.7.15
(custom)
|
|
| NETGEAR | RBSE960 |
Affected:
0 , < V7.2.7.15
(custom)
|
Date Public
2026-06-09 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3088",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T17:34:47.190713Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T18:39:56.251Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RBR860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.7.15",
"status": "affected",
"version": "V6.3.7.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.7.15",
"status": "affected",
"version": "V6.3.7.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE970",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V9.10.1.4",
"status": "affected",
"version": "V6.3.7.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE971",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V9.10.1.4",
"status": "affected",
"version": "V6.3.7.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "fxc233"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eUnauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests.\u003c/div\u003e"
}
],
"value": "Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T18:10:51.832Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr860/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbre950/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbre960/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs860/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbse960/"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbse950/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\u003c/p\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eProduct\u003c/th\u003e\u003cth\u003eFixed Version\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBE970\u003c/b\u003e Orbi Quad-band Mesh WiFi 7 Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe970/\"\u003eV9.10.1.4\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBE971\u003c/b\u003e Orbi Quad-band Mesh WiFi 7 Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe971/\"\u003eV9.10.1.4\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBR860\u003c/b\u003e Orbi Tri-band Mesh WiFi 6 Router \u2013 860 Series\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr860/\"\u003eV7.2.7.15\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBRE950\u003c/b\u003e Orbi Quad-band Mesh WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbre950/\"\u003ev7.2.7.15\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBRE960\u003c/b\u003e Orbi Quad-band Mesh WiFi 6E Router\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbre960/\"\u003eV7.2.7.15\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBS860\u003c/b\u003e Orbi Tri-band Mesh WiFi 6 Add-on Satellite \u2013 860 Series\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs860/\"\u003eV7.2.7.15\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBSE950\u003c/b\u003e Orbi Quad-band Mesh WiFi 6E Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbse950/\"\u003ev7.2.7.15\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cb\u003eRBSE960\u003c/b\u003e Orbi Quad-band Mesh WiFi 6E Add-on Satellite\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.netgear.com/support/product/rbse960/\"\u003eV7.2.7.15\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in:\n\nProductFixed VersionRBE970 Orbi Quad-band Mesh WiFi 7 Add-on Satellite V9.10.1.4 https://www.netgear.com/support/product/rbe970/ RBE971 Orbi Quad-band Mesh WiFi 7 Router V9.10.1.4 https://www.netgear.com/support/product/rbe971/ RBR860 Orbi Tri-band Mesh WiFi 6 Router \u2013 860 Series V7.2.7.15 https://www.netgear.com/support/product/rbr860/ RBRE950 Orbi Quad-band Mesh WiFi 6E Router v7.2.7.15 https://www.netgear.com/support/product/rbre950/ RBRE960 Orbi Quad-band Mesh WiFi 6E Router V7.2.7.15 https://www.netgear.com/support/product/rbre960/ RBS860 Orbi Tri-band Mesh WiFi 6 Add-on Satellite \u2013 860 Series V7.2.7.15 https://www.netgear.com/support/product/rbs860/ RBSE950 Orbi Quad-band Mesh WiFi 6E Add-on Satellite v7.2.7.15 https://www.netgear.com/support/product/rbse950/ RBSE960 Orbi Quad-band Mesh WiFi 6E Add-on Satellite V7.2.7.15 https://www.netgear.com/support/product/rbse960/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unauthenticated users can disrupt router operation",
"x_generator": {
"engine": "Vulnogram 1.0.3"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-3088",
"datePublished": "2026-06-09T15:50:47.289Z",
"dateReserved": "2026-02-24T00:11:29.678Z",
"dateUpdated": "2026-06-10T18:10:51.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0405 (GCVE-0-2026-0405)
Vulnerability from cvelistv5 – Published: 2026-01-13 16:00 – Updated: 2026-02-26 15:04
VLAI
Title
Authentication Bypass in NETGEAR Orbi Devices
Summary
An authentication bypass vulnerability in NETGEAR Orbi devices allows
users connected to the local network to access the router web interface
as an admin.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-287 - Improper Authentication
Assigner
References
26 references
Impacted products
25 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | RBE970 |
Affected:
0 , < v9.13.2.1
(custom)
|
|
| NETGEAR | RBE971 |
Affected:
0 , < v9.13.2.1
(custom)
|
|
| NETGEAR | CBR750 |
Affected:
0 , < V4.6.14.8
(custom)
|
|
| NETGEAR | NBR750 |
Affected:
0 , < V4.6.15.14
(custom)
|
|
| NETGEAR | RBE770 |
Affected:
0 , < v10.5.20.7
(custom)
|
|
| NETGEAR | RBE771 |
Affected:
0 , < v10.5.20.7
(custom)
|
|
| NETGEAR | RBE772 |
Affected:
0 , < v10.5.20.7
(custom)
|
|
| NETGEAR | RBE773 |
Affected:
0 , < v10.5.20.7
(custom)
|
|
| NETGEAR | RBR750 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBS750 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBR840 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBS840 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBR850 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBS850 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBR860 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBS860 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBRE950 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBSE950 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBRE960 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBSE960 |
Affected:
0 , < v7.2.8.2
(custom)
|
|
| NETGEAR | RBE370 |
Affected:
0 , < v12.1.3.11
(custom)
|
|
| NETGEAR | RBE371 |
Affected:
0 , < v12.1.3.11
(custom)
|
|
| NETGEAR | RBE372 |
Affected:
0 , < v12.1.3.11
(custom)
|
|
| NETGEAR | RBE373 |
Affected:
0 , < v12.1.3.11
(custom)
|
|
| NETGEAR | RBE374 |
Affected:
0 , < v12.1.3.11
(custom)
|
Date Public
2026-01-13 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0405",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-14T04:57:26.552144Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:44.730Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RBE970",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.13.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE971",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.13.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.14.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V4.6.15.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE770",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE771",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE772",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE773",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v10.5.20.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS750",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS840",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE950",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE370",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE371",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE372",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE373",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE374",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v12.1.3.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe970:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.13.2.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe971:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.13.2.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:cbr750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v4.6.14.8",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:nbr750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v4.6.15.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe770:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe771:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe772:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe773:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v10.5.20.7",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr840:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs840:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbre950:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbse950:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbre960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbse960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe370:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe371:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe372:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe373:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe374:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v12.1.3.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fulaige"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAn authentication bypass vulnerability in NETGEAR Orbi devices allows \nusers connected to the local network to access the router web interface \nas an admin.\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An authentication bypass vulnerability in NETGEAR Orbi devices allows \nusers connected to the local network to access the router web interface \nas an admin."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:21:13.069Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe971"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe970"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/cbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/nbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe770"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe771"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe772"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe773"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr840"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs840"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr850"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs850"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbr860"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs860"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbre950"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbse950"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbre960"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbse960"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe370"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe371"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe372"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe373"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbe374"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this patch \napplied. If not, please check the firmware version and update it to the \nlatest.\u003c/p\u003e\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003e\u003cspan\u003eCBR750 f\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/cbr750\"\u003eirmware V4.6.14.8 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eNBR750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/nbr750\"\u003efirmware V4.6.15.14 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE370 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe370\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE371 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe371\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE372 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe372\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE373 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe373\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE374 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe374\"\u003efirmware v12.1.3.11 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE770 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe770\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE771 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe771\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE772 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe772\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE773 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe773\"\u003efirmware v10.5.20.7 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE970\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe970\"\u003efirmware v9.13.2.1 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE971 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbe971\"\u003efirmware v9.13.2.1 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr750\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR840 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr840\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR850 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr850\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR860 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbr860\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS750 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs750\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS840 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs840\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS850 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs850\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS860 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbs860\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE950 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbre950\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE960 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbre960\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE950 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbse950\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE960 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rbse960\"\u003efirmware v7.2.8.2 or later\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this patch \napplied. If not, please check the firmware version and update it to the \nlatest.\n\nFixed in:\n\nCBR750 f irmware V4.6.14.8 or later https://www.netgear.com/support/product/cbr750 \nNBR750 firmware V4.6.15.14 or later https://www.netgear.com/support/product/nbr750 \nRBE370 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe370 \nRBE371 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe371 \nRBE372 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe372 \nRBE373 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe373 \nRBE374 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe374 \nRBE770 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe770 \nRBE771 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe771 \nRBE772 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe772 \nRBE773 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe773 \nRBE970\u00a0 firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe970 \nRBE971 firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe971 \nRBR750 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr750 \nRBR840 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr840 \nRBR850 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr850 \nRBR860 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr860 \nRBS750 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs750 \nRBS840 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs840 \nRBS850 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs850 \nRBS860 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs860 \nRBRE950 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre950 \nRBRE960 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre960 \nRBSE950 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse950 \nRBSE960 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse960"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Authentication Bypass in NETGEAR Orbi Devices",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0405",
"datePublished": "2026-01-13T16:00:48.296Z",
"dateReserved": "2025-12-03T04:16:11.511Z",
"dateUpdated": "2026-02-26T15:04:44.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0403 (GCVE-0-2026-0403)
Vulnerability from cvelistv5 – Published: 2026-01-13 16:00 – Updated: 2026-02-26 15:04
VLAI
Title
Insufficient input validation in NETGEAR Orbi routers
Summary
An insufficient input validation vulnerability in NETGEAR Orbi routers
allows attackers connected to the router's LAN to execute OS command
injections.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://www.netgear.com/support/product/rbr750 | productpatch |
| https://www.netgear.com/support/product/rbs750 | patchproduct |
| https://www.netgear.com/support/product/rbre960 | productpatch |
| https://www.netgear.com/support/product/rbse960 | productpatch |
| https://www.netgear.com/support/product/rbr850 | productpatch |
| https://www.netgear.com/support/product/rbs850 | productpatch |
| https://www.netgear.com/support/product/rbe971 | productpatch |
| https://www.netgear.com/support/product/rbe970 | productpatch |
| https://www.netgear.com/support/product/rbr860 | productpatch |
| https://www.netgear.com/support/product/rbs860 | productpatch |
| https://kb.netgear.com/000070442/January-2026-NET… | vendor-advisory |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| NETGEAR | RBR750 |
Affected:
0 , ≤ 4.6.14.3
(custom)
|
|
| NETGEAR | RBS750 |
Affected:
0 , ≤ 4.6.14.3
(custom)
|
|
| NETGEAR | RBRE960 |
Affected:
0 , < v7.2.7.15
(custom)
|
|
| NETGEAR | RBSE960 |
Affected:
0 , < v7.2.7.15
(custom)
|
|
| NETGEAR | RBR850 |
Affected:
0 , < V7.2.8.5
(custom)
|
|
| NETGEAR | RBS850 |
Affected:
0 , < V7.2.8.5
(custom)
|
|
| NETGEAR | RBE971 |
Affected:
0 , < v9.10.0.2
(custom)
|
|
| NETGEAR | RBE970 |
Affected:
0 , < v9.10.0.2
(custom)
|
|
| NETGEAR | RBR860 |
Affected:
0 , < v7.2.8.5
(custom)
|
|
| NETGEAR | RBS860 |
Affected:
0 , < v7.2.8.5
(custom)
|
Date Public
2026-01-13 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0403",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-14T04:57:20.518970Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:45.176Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RBR750",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS750",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "4.6.14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBRE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBSE960",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.7.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS850",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "V7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE971",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.10.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBE970",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v9.10.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBR860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RBS860",
"vendor": "NETGEAR",
"versions": [
{
"lessThan": "v7.2.8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.6.14.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.6.14.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbre960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.7.15",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbse960:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.7.15",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe971:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.10.0.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbe970:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v9.10.0.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs860:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v7.2.8.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "fxc233"
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn insufficient input validation vulnerability in NETGEAR Orbi routers \nallows attackers connected to the router\u0027s LAN\u0026nbsp;to execute OS command \ninjections.\u0026nbsp;\u003c/p\u003e"
}
],
"value": "An insufficient input validation vulnerability in NETGEAR Orbi routers \nallows attackers connected to the router\u0027s LAN\u00a0to execute OS command \ninjections."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 1.1,
"baseSeverity": "LOW",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:20:30.263Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr750"
},
{
"tags": [
"patch",
"product"
],
"url": "https://www.netgear.com/support/product/rbs750"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbre960"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbse960"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr850"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs850"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbe971"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbe970"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbr860"
},
{
"tags": [
"product",
"patch"
],
"url": "https://www.netgear.com/support/product/rbs860"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDevices with automatic updates enabled may already have this\npatch applied. If not, please check the firmware version and update it to the\nlatest.\u003c/p\u003e\n\n\u003cp\u003eFixed in:\u003c/p\u003e\u003cp\u003e\u003cspan\u003eRBE971 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe971\"\u003efirmware 9.10.0.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBE970 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbe970\"\u003efirmware 9.10.0.2 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR750\u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr750\"\u003e firmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR850 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr850\"\u003efirmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBR860 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbr860\"\u003efirmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS750\u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs750\"\u003e firmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS850 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs850\"\u003efirmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBS860 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbs860\"\u003efirmware 7.2.8.5 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBRE960 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbre960\"\u003efirmware 7.2.7.15 or later\u003c/a\u003e\u003cbr\u003e\u003cspan\u003eRBSE960 \u003c/span\u003e\u003ca href=\"https://www.netgear.com/support/product/rbse960\"\u003efirmware 7.2.7.15 or later\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Devices with automatic updates enabled may already have this\npatch applied. If not, please check the firmware version and update it to the\nlatest.\n\n\n\nFixed in:\n\nRBE971 firmware 9.10.0.2 or later https://www.netgear.com/support/product/rbe971 \nRBE970 firmware 9.10.0.2 or later https://www.netgear.com/support/product/rbe970 \nRBR750 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbr750 \nRBR850 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbr850 \nRBR860 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbr860 \nRBS750 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbs750 \nRBS850 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbs850 \nRBS860 firmware 7.2.8.5 or later https://www.netgear.com/support/product/rbs860 \nRBRE960 firmware 7.2.7.15 or later https://www.netgear.com/support/product/rbre960 \nRBSE960 firmware 7.2.7.15 or later https://www.netgear.com/support/product/rbse960"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient input validation in NETGEAR Orbi routers",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2026-0403",
"datePublished": "2026-01-13T16:00:25.831Z",
"dateReserved": "2025-12-03T04:16:02.333Z",
"dateUpdated": "2026-02-26T15:04:45.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}