Auth bypass in Netgear Cbr750
CVE-2026-0405
An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin.
Vulnerability class: Broken Authentication
EPSS: 0.003 (24.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Netgear Cbr750 — versions 0
- Netgear Cbr750_firmware
- Netgear Nbr750 — versions 0
- Netgear Nbr750_firmware
- Netgear Rbe370 — versions 0
- Netgear Rbe370_firmware
- Netgear Rbe371 — versions 0
- Netgear Rbe371_firmware
- Netgear Rbe372 — versions 0
- Netgear Rbe372_firmware
Weakness classification (CWE)
References
- a2826606-91e7-4eb6-899e-8484bd4575d5 (Product, product, Patch, patch)
- a2826606-91e7-4eb6-899e-8484bd4575d5 (Product, product, Patch, patch)
- a2826606-91e7-4eb6-899e-8484bd4575d5 (Product, product, Patch, patch)
- a2826606-91e7-4eb6-899e-8484bd4575d5 (Product, product, Patch, patch)
- a2826606-91e7-4eb6-899e-8484bd4575d5 (Product, product, Patch, patch)
- a2826606-91e7-4eb6-899e-8484bd4575d5 (Product, product, Patch, patch)
- a2826606-91e7-4eb6-899e-8484bd4575d5 (Product, product, Patch, patch)
- a2826606-91e7-4eb6-899e-8484bd4575d5 (Product, product, Patch, patch)
- a2826606-91e7-4eb6-899e-8484bd4575d5 (Product, product, Patch, patch)
- a2826606-91e7-4eb6-899e-8484bd4575d5 (Product, product, Patch, patch)
Frequently asked questions
- What is CVE-2026-0405?
- CVE-2026-0405 is a high-severity vulnerability in Netgear Cbr750, classified under Improper Authentication. CVSS score: 7.8/10. Published 2026-01-13.
- How severe is CVE-2026-0405?
- High severity. CVSS v3 base score is 7.8 out of 10.