An authentication bypass vulnerability in NETGEAR Orbi devices allows
users connected to the local network to access the router web interface
as an admin.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

No data.

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in: CBR750 f irmware V4.6.14.8 or later https://www.netgear.com/support/product/cbr750 NBR750 firmware V4.6.15.14 or later https://www.netgear.com/support/product/nbr750 RBE370 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe370 RBE371 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe371 RBE372 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe372 RBE373 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe373 RBE374 firmware v12.1.3.11 or later https://www.netgear.com/support/product/rbe374 RBE770 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe770 RBE771 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe771 RBE772 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe772 RBE773 firmware v10.5.20.7 or later https://www.netgear.com/support/product/rbe773 RBE970  firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe970 RBE971 firmware v9.13.2.1 or later https://www.netgear.com/support/product/rbe971 RBR750 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr750 RBR840 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr840 RBR850 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr850 RBR860 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbr860 RBS750 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs750 RBS840 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs840 RBS850 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs850 RBS860 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbs860 RBRE950 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre950 RBRE960 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbre960 RBSE950 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse950 RBSE960 firmware v7.2.8.2 or later https://www.netgear.com/support/product/rbse960

Workaround

No workaround given by the vendor.

References
Link Providers
https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory cve-icon cve-icon
https://www.netgear.com/support/product/cbr750 cve-icon cve-icon
https://www.netgear.com/support/product/nbr750 cve-icon cve-icon
https://www.netgear.com/support/product/rbe370 cve-icon cve-icon
https://www.netgear.com/support/product/rbe371 cve-icon cve-icon
https://www.netgear.com/support/product/rbe372 cve-icon cve-icon
https://www.netgear.com/support/product/rbe373 cve-icon cve-icon
https://www.netgear.com/support/product/rbe374 cve-icon cve-icon
https://www.netgear.com/support/product/rbe770 cve-icon cve-icon
https://www.netgear.com/support/product/rbe771 cve-icon cve-icon
https://www.netgear.com/support/product/rbe772 cve-icon cve-icon
https://www.netgear.com/support/product/rbe773 cve-icon cve-icon
https://www.netgear.com/support/product/rbe970 cve-icon cve-icon
https://www.netgear.com/support/product/rbe971 cve-icon cve-icon
https://www.netgear.com/support/product/rbr750 cve-icon cve-icon
https://www.netgear.com/support/product/rbr840 cve-icon cve-icon
https://www.netgear.com/support/product/rbr850 cve-icon cve-icon
https://www.netgear.com/support/product/rbr860 cve-icon cve-icon
https://www.netgear.com/support/product/rbre950 cve-icon cve-icon
https://www.netgear.com/support/product/rbre960 cve-icon cve-icon
https://www.netgear.com/support/product/rbs750 cve-icon cve-icon
https://www.netgear.com/support/product/rbs840 cve-icon cve-icon
https://www.netgear.com/support/product/rbs850 cve-icon cve-icon
https://www.netgear.com/support/product/rbs860 cve-icon cve-icon
https://www.netgear.com/support/product/rbse950 cve-icon cve-icon
https://www.netgear.com/support/product/rbse960 cve-icon cve-icon
History

Tue, 13 Jan 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 13 Jan 2026 16:30:00 +0000

Type Values Removed Values Added
References

Tue, 13 Jan 2026 16:15:00 +0000

Type Values Removed Values Added
Description An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin.
Title Authentication Bypass in NETGEAR Orbi Devices
First Time appeared Netgear
Netgear cbr750
Netgear nbr750
Netgear rbe370
Netgear rbe371
Netgear rbe372
Netgear rbe373
Netgear rbe374
Netgear rbe770
Netgear rbe771
Netgear rbe772
Netgear rbe773
Netgear rbe970
Netgear rbe971
Netgear rbr750
Netgear rbr840
Netgear rbr850
Netgear rbr860
Netgear rbre950
Netgear rbre960
Netgear rbs750
Netgear rbs840
Netgear rbs850
Netgear rbs860
Netgear rbse950
Netgear rbse960
Weaknesses CWE-287
CPEs cpe:2.3:h:netgear:cbr750:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:nbr750:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbe370:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbe371:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbe372:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbe373:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbe374:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbe770:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbe771:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbe772:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbe773:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbe970:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbe971:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr840:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr860:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbre950:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbre960:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs840:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs860:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbse950:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbse960:*:*:*:*:*:*:*:*
Vendors & Products Netgear
Netgear cbr750
Netgear nbr750
Netgear rbe370
Netgear rbe371
Netgear rbe372
Netgear rbe373
Netgear rbe374
Netgear rbe770
Netgear rbe771
Netgear rbe772
Netgear rbe773
Netgear rbe970
Netgear rbe971
Netgear rbr750
Netgear rbr840
Netgear rbr850
Netgear rbr860
Netgear rbre950
Netgear rbre960
Netgear rbs750
Netgear rbs840
Netgear rbs850
Netgear rbs860
Netgear rbse950
Netgear rbse960
References
Metrics cvssV4_0

{'score': 6.1, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: NETGEAR

Published:

Updated: 2026-01-13T18:51:16.775Z

Reserved: 2025-12-03T04:16:11.511Z

Link: CVE-2026-0405

cve-icon Vulnrichment

Updated: 2026-01-13T18:50:53.486Z

cve-icon NVD

Status : Received

Published: 2026-01-13T16:16:10.513

Modified: 2026-01-13T17:15:59.780

Link: CVE-2026-0405

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses