Authentication Bypass Vulnerability in NETGEAR Orbi Devices
CVE-2026-0405

6.1MEDIUM

Key Information:

Vendor

Netgear
Status
Rbe970
Rbe971
Cbr750
Nbr750
Vendor
CVE Published:
13 January 2026

What is CVE-2026-0405?

An authentication bypass vulnerability in NETGEAR Orbi devices enables unauthorized users connected to the local network to gain access to the router's web interface with administrative privileges. This flaw poses a significant security risk, allowing potentially malicious actors to alter device settings and compromise the network. It is crucial for users of affected NETGEAR Orbi devices to apply the latest security updates to mitigate this risk effectively.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

CBR750 0

NBR750 0

RBE370 0

References

https://www.netgear.com/support/product/rbe971
patchproduct
https://www.netgear.com/support/product/rbe970
patchproduct
https://www.netgear.com/support/product/cbr750
patchproduct

CVSS V4

Score:
6.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Fulaige
JSON
.