CVE-2026-0407

Medium CVSS: 6.1

An insufficient authentication vulnerability in NETGEAR WiFi range
extenders allows a network adjacent attacker with WiFi authentication or
a physical Ethernet port connection to bypass the authentication
process and access the admin panel.

Vendor

Netgear

Product

Ex5000 Firmware

CWE

CWE-287

Yayın Tarihi

2026-01-13 16:16:10

Güncelleme

2026-02-20 19:40:59

Source Identifier

a2826606-91e7-4eb6-899e-8484bd4575d5

KEV Date Added

Kategoriler

CWE-287 Ex5000 Firmware MEDIUM Netgear 2026

Referanslar

https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory https://www.netgear.com/support/product/ex2800 https://www.netgear.com/support/product/ex3110 https://www.netgear.com/support/product/ex5000 https://www.netgear.com/support/product/ex6110

Benzer Kayıtlar

High

CVE-2022-40620

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS ce…

High

CVE-2022-40619

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the L…

Medium

CVE-2026-0408

A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the…

Low

CVE-2026-0403

An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN t…

Medium

CVE-2026-0404

An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent at…

Medium

CVE-2026-0405

An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access th…