MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2026-0411

CVSS 4.2v4.0pub. 2026-06-09upd. 2026-06-18

An information disclosure vulnerability in the NETGEAR Orbi satellites (RBR/RBE/RBS Series) could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not impacted by this issue.

CVSS Vector
CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Netgear Rbe970

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbe970 Firmware

    OS
    Netgear
    < 9.13.2.1
  • Netgear Rbr350

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbr350 Firmware

    OS
    Netgear
    < 4.4.2.2
  • Netgear Rbr760

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbr760 Firmware

    OS
    Netgear
    < 6.3.8.11
  • Netgear Rbs350

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbs350 Firmware

    OS
    Netgear
    < 4.4.2.2
  • Netgear Rbs760

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbs760 Firmware

    OS
    Netgear
    < 6.3.8.11
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2021-45652CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 before 4.4.0....

CVE-2021-45520CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10, RBR350 befo...

CVE-2021-45619CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects EX6200v...

CVE-2023-41183HIGH8.8ten sam produkt

NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent atta...

CVE-2021-45521HIGH7.4ten sam produkt

Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10, RBR350 befo...