Details of VAR-202601-1483

ID

VAR-202601-1483

CVE

CVE-2026-0405

DESCRIPTION

An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin.

Trust: 1.0

sources: NVD: CVE-2026-0405

AFFECTED PRODUCTS

vendor:	netgear	model:	cbr750	scope:	lt	version:	4.6.14.8	Trust: 1.0
vendor:	netgear	model:	nbr750	scope:	lt	version:	4.6.15.14	Trust: 1.0
vendor:	netgear	model:	rbe970	scope:	lt	version:	9.13.2.1	Trust: 1.0
vendor:	netgear	model:	rbr750	scope:	lt	version:	7.2.8.2	Trust: 1.0
vendor:	netgear	model:	rbe372	scope:	lt	version:	12.1.3.11	Trust: 1.0
vendor:	netgear	model:	rbe771	scope:	lt	version:	10.5.20.7	Trust: 1.0
vendor:	netgear	model:	rbs860	scope:	lt	version:	7.2.8.2	Trust: 1.0
vendor:	netgear	model:	rbe370	scope:	lt	version:	12.1.3.11	Trust: 1.0
vendor:	netgear	model:	rbre960	scope:	lt	version:	7.2.8.2	Trust: 1.0
vendor:	netgear	model:	rbs850	scope:	lt	version:	7.2.8.2	Trust: 1.0
vendor:	netgear	model:	rbr860	scope:	lt	version:	7.2.8.2	Trust: 1.0
vendor:	netgear	model:	rbe773	scope:	lt	version:	10.5.20.7	Trust: 1.0
vendor:	netgear	model:	rbs840	scope:	lt	version:	7.2.8.2	Trust: 1.0
vendor:	netgear	model:	rbe373	scope:	lt	version:	12.1.3.11	Trust: 1.0
vendor:	netgear	model:	rbs750	scope:	lt	version:	7.2.8.2	Trust: 1.0
vendor:	netgear	model:	rbse960	scope:	lt	version:	7.2.8.2	Trust: 1.0
vendor:	netgear	model:	rbr840	scope:	lt	version:	7.2.8.2	Trust: 1.0
vendor:	netgear	model:	rbe770	scope:	lt	version:	10.5.20.7	Trust: 1.0
vendor:	netgear	model:	rbe971	scope:	lt	version:	9.13.2.1	Trust: 1.0
vendor:	netgear	model:	rbse950	scope:	lt	version:	7.2.8.2	Trust: 1.0
vendor:	netgear	model:	rbe374	scope:	lt	version:	12.1.3.11	Trust: 1.0
vendor:	netgear	model:	rbr850	scope:	lt	version:	7.2.8.2	Trust: 1.0
vendor:	netgear	model:	rbe772	scope:	lt	version:	10.5.20.7	Trust: 1.0
vendor:	netgear	model:	rbe371	scope:	lt	version:	12.1.3.11	Trust: 1.0
vendor:	netgear	model:	rbre950	scope:	lt	version:	7.2.8.2	Trust: 1.0

sources: NVD: CVE-2026-0405

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2026-0405
value:	HIGH
Trust: 1.0
a2826606-91e7-4eb6-899e-8484bd4575d5:	CVE-2026-0405
value:	MEDIUM
Trust: 1.0

nvd@nist.gov:	CVE-2026-0405
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: NVD: CVE-2026-0405 // NVD: CVE-2026-0405

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.0
problemtype:	NVD-CWE-noinfo	Trust: 1.0

sources: NVD: CVE-2026-0405

EXTERNAL IDS

db:

NVD

id:

CVE-2026-0405

Trust: 1.0

sources: NVD: CVE-2026-0405

REFERENCES

url:	https://www.netgear.com/support/product/rbs750	Trust: 1.0
url:	https://www.netgear.com/support/product/rbr840	Trust: 1.0
url:	https://www.netgear.com/support/product/rbr750	Trust: 1.0
url:	https://www.netgear.com/support/product/rbse960	Trust: 1.0
url:	https://www.netgear.com/support/product/rbe770	Trust: 1.0
url:	https://www.netgear.com/support/product/rbe370	Trust: 1.0
url:	https://www.netgear.com/support/product/rbe372	Trust: 1.0
url:	https://www.netgear.com/support/product/rbe971	Trust: 1.0
url:	https://www.netgear.com/support/product/rbe772	Trust: 1.0
url:	https://kb.netgear.com/000070442/january-2026-netgear-security-advisory	Trust: 1.0
url:	https://www.netgear.com/support/product/rbre950	Trust: 1.0
url:	https://www.netgear.com/support/product/rbe373	Trust: 1.0
url:	https://www.netgear.com/support/product/rbs850	Trust: 1.0
url:	https://www.netgear.com/support/product/rbr850	Trust: 1.0
url:	https://www.netgear.com/support/product/rbe773	Trust: 1.0
url:	https://www.netgear.com/support/product/nbr750	Trust: 1.0
url:	https://www.netgear.com/support/product/rbr860	Trust: 1.0
url:	https://www.netgear.com/support/product/rbs860	Trust: 1.0
url:	https://www.netgear.com/support/product/rbe970	Trust: 1.0
url:	https://www.netgear.com/support/product/cbr750	Trust: 1.0
url:	https://www.netgear.com/support/product/rbs840	Trust: 1.0
url:	https://www.netgear.com/support/product/rbe374	Trust: 1.0
url:	https://www.netgear.com/support/product/rbe371	Trust: 1.0
url:	https://www.netgear.com/support/product/rbe771	Trust: 1.0
url:	https://www.netgear.com/support/product/rbse950	Trust: 1.0
url:	https://www.netgear.com/support/product/rbre960	Trust: 1.0

sources: NVD: CVE-2026-0405

SOURCES

db:

NVD

id:

CVE-2026-0405

LAST UPDATE DATE

2026-02-13T22:51:39.050000+00:00

SOURCES UPDATE DATE

db:

NVD

id:

CVE-2026-0405

date:

2026-02-12T17:40:40.530

SOURCES RELEASE DATE

db:

NVD

id:

CVE-2026-0405

date:

2026-01-13T16:16:10.513