CVE-2026-0405

An authentication bypass vulnerability in NETGEAR Orbi devices allows 
users connected to the local network to access the router web interface 
as an admin.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
NETGEARCNA
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory
https://www.netgear.com/support/product/cbr750
https://www.netgear.com/support/product/nbr750
https://www.netgear.com/support/product/rbe370
https://www.netgear.com/support/product/rbe371
https://www.netgear.com/support/product/rbe372
https://www.netgear.com/support/product/rbe373
https://www.netgear.com/support/product/rbe374
https://www.netgear.com/support/product/rbe770
https://www.netgear.com/support/product/rbe771
https://www.netgear.com/support/product/rbe772
https://www.netgear.com/support/product/rbe773
https://www.netgear.com/support/product/rbe970
https://www.netgear.com/support/product/rbe971
https://www.netgear.com/support/product/rbr750
https://www.netgear.com/support/product/rbr840
https://www.netgear.com/support/product/rbr850
https://www.netgear.com/support/product/rbr860
https://www.netgear.com/support/product/rbre950
https://www.netgear.com/support/product/rbre960
https://www.netgear.com/support/product/rbs750
https://www.netgear.com/support/product/rbs840
https://www.netgear.com/support/product/rbs850
https://www.netgear.com/support/product/rbs860
https://www.netgear.com/support/product/rbse950
https://www.netgear.com/support/product/rbse960