Vulnerability Details CVE-2026-0407
An insufficient authentication vulnerability in NETGEAR WiFi range
extenders allows a network adjacent attacker with WiFi authentication or
a physical Ethernet port connection to bypass the authentication
process and access the admin panel.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.7%
CVSS Severity
CVSS v3 Score 8.0
References
Products affected by CVE-2026-0407
-
cpe:2.3:h:netgear:ex2800:-
-
cpe:2.3:h:netgear:ex3110:-
-
cpe:2.3:h:netgear:ex5000:-
-
cpe:2.3:h:netgear:ex6110:-
-
cpe:2.3:o:netgear:ex2800_firmware:1.0.1.64
-
cpe:2.3:o:netgear:ex2800_firmware:1.0.1.68
-
cpe:2.3:o:netgear:ex2800_firmware:1.0.1.70
-
cpe:2.3:o:netgear:ex2800_firmware:1.0.1.74
-
cpe:2.3:o:netgear:ex2800_firmware:1.0.1.80
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.0.44
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.50
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.52
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.58
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.60
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.62
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.68
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.70
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.74
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.80
-
cpe:2.3:o:netgear:ex5000_firmware:1.0.1.64
-
cpe:2.3:o:netgear:ex5000_firmware:1.0.1.68
-
cpe:2.3:o:netgear:ex5000_firmware:1.0.1.70
-
cpe:2.3:o:netgear:ex5000_firmware:1.0.1.74
-
cpe:2.3:o:netgear:ex5000_firmware:1.0.1.80
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.0.44
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.50
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.52
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.58
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.60
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.62
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.68
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.70
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.74
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.80