Platform
netgear
Component
netgear-orbi-devices
Fixed in
9.13.2.1
4.6.14.8
4.6.15.14
10.5.20.7
7.2.8.2
CVE-2026-0405 describes an authentication bypass vulnerability affecting NETGEAR Orbi devices. This flaw allows users connected to the local network to gain administrative access to the router's web interface without proper authentication. The vulnerability impacts Orbi devices running versions up to and including v12.1.3.11. A firmware update to v12.1.3.11 has been released to address the issue.
Successful exploitation of CVE-2026-0405 grants an attacker complete administrative control over the affected NETGEAR Orbi device. This includes the ability to modify network settings, access sensitive data stored on the router, and potentially compromise connected devices on the local network. An attacker could, for example, redirect traffic through a malicious server, install malware on connected devices, or steal user credentials. The blast radius extends to all devices connected to the compromised Orbi network.
CVE-2026-0405 was publicly disclosed on 2026-01-13. No public proof-of-concept exploits are currently known. The EPSS score is pending evaluation. This vulnerability is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
0.03% (9% percentile)
CISA SSVC
The primary mitigation for CVE-2026-0405 is to immediately upgrade affected NETGEAR Orbi devices to firmware version v12.1.3.11 or later. If upgrading is not immediately feasible due to compatibility concerns or network downtime requirements, consider segmenting the network to isolate the Orbi device from critical assets. While a direct workaround isn't available, regularly reviewing connected devices and monitoring network traffic for unusual activity can help detect potential compromise. After upgrading, confirm the fix by attempting to access the router’s web interface from a local network device without administrative credentials; access should be denied.
Update the firmware on your NETGEAR Orbi device to the latest available version. This will resolve the authentication bypass vulnerability and protect your local network from unauthorized access.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-0405 is a vulnerability allowing local network users to access the admin interface of NETGEAR Orbi devices without authentication. Severity is pending evaluation.
You are affected if you are using a NETGEAR Orbi device running version 12.1.3.11 or earlier.
Upgrade your NETGEAR Orbi device to firmware version 12.1.3.11 or later.
There are currently no reports of active exploitation, but it's crucial to apply the patch promptly.
Please refer to the official NETGEAR security advisory for detailed information and updates: [https://kb.netgear.com/000063854/Security-Advisory-for-Authentication-Bypass-on-Orbi-Devices](https://kb.netgear.com/000063854/Security-Advisory-for-Authentication-Bypass-on-Orbi-Devices)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.