Plataforma
netgear
Componente
netgear-orbi-devices
Corregido en
9.13.2.1
4.6.14.8
4.6.15.14
10.5.20.7
7.2.8.2
CVE-2026-0405 describes an authentication bypass vulnerability affecting NETGEAR Orbi devices. This flaw allows users connected to the local network to gain administrative access to the router's web interface without proper authentication. The vulnerability impacts Orbi devices running versions up to and including v12.1.3.11. A firmware update to v12.1.3.11 has been released to address the issue.
Successful exploitation of CVE-2026-0405 grants an attacker complete administrative control over the affected NETGEAR Orbi device. This includes the ability to modify network settings, access sensitive data stored on the router, and potentially compromise connected devices on the local network. An attacker could, for example, redirect traffic through a malicious server, install malware on connected devices, or steal user credentials. The blast radius extends to all devices connected to the compromised Orbi network.
CVE-2026-0405 was publicly disclosed on 2026-01-13. No public proof-of-concept exploits are currently known. The EPSS score is pending evaluation. This vulnerability is not currently listed on the CISA KEV catalog.
Home users and small businesses relying on NETGEAR Orbi devices for their network infrastructure are at risk. This includes those who have not yet updated their devices or are using older, unsupported firmware versions. Shared hosting environments utilizing Orbi devices for network management could also be affected.
• netgear / router:
# Check firmware version
/usr/bin/nvram get version• netgear / router:
# Check for unusual login attempts in system logs
/usr/bin/grep -i 'login: admin' /var/log/dmesgdisclosure
Estado del Exploit
EPSS
0.03% (9% percentil)
CISA SSVC
The primary mitigation for CVE-2026-0405 is to immediately upgrade affected NETGEAR Orbi devices to firmware version v12.1.3.11 or later. If upgrading is not immediately feasible due to compatibility concerns or network downtime requirements, consider segmenting the network to isolate the Orbi device from critical assets. While a direct workaround isn't available, regularly reviewing connected devices and monitoring network traffic for unusual activity can help detect potential compromise. After upgrading, confirm the fix by attempting to access the router’s web interface from a local network device without administrative credentials; access should be denied.
Actualice el firmware de su dispositivo NETGEAR Orbi a la última versión disponible. Esto solucionará la vulnerabilidad de omisión de autenticación y protegerá su red local del acceso no autorizado.
Análisis de vulnerabilidades y alertas críticas directamente en tu correo.
CVE-2026-0405 is a vulnerability allowing local network users to access the admin interface of NETGEAR Orbi devices without authentication. Severity is pending evaluation.
You are affected if you are using a NETGEAR Orbi device running version 12.1.3.11 or earlier.
Upgrade your NETGEAR Orbi device to firmware version 12.1.3.11 or later.
There are currently no reports of active exploitation, but it's crucial to apply the patch promptly.
Please refer to the official NETGEAR security advisory for detailed information and updates: [https://kb.netgear.com/000063854/Security-Advisory-for-Authentication-Bypass-on-Orbi-Devices](https://kb.netgear.com/000063854/Security-Advisory-for-Authentication-Bypass-on-Orbi-Devices)
Sube tu archivo de dependencias y detecta esta y otras CVEs al instante.