Vulnerability Details CVE-2026-0408
A path traversal vulnerability in NETGEAR WiFi range extenders allows
an attacker with LAN authentication to access the router's IP and
review the contents of the dynamically generated webproc file, which
records the username and password submitted to the router GUI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.0%
CVSS Severity
CVSS v3 Score 8.0
References
Products affected by CVE-2026-0408
-
cpe:2.3:h:netgear:ex2800:-
-
cpe:2.3:h:netgear:ex3110:-
-
cpe:2.3:h:netgear:ex5000:-
-
cpe:2.3:h:netgear:ex6110:-
-
cpe:2.3:o:netgear:ex2800_firmware:1.0.1.64
-
cpe:2.3:o:netgear:ex2800_firmware:1.0.1.68
-
cpe:2.3:o:netgear:ex2800_firmware:1.0.1.70
-
cpe:2.3:o:netgear:ex2800_firmware:1.0.1.74
-
cpe:2.3:o:netgear:ex2800_firmware:1.0.1.80
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.0.44
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.50
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.52
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.58
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.60
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.62
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.68
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.70
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.74
-
cpe:2.3:o:netgear:ex3110_firmware:1.0.1.80
-
cpe:2.3:o:netgear:ex5000_firmware:1.0.1.64
-
cpe:2.3:o:netgear:ex5000_firmware:1.0.1.68
-
cpe:2.3:o:netgear:ex5000_firmware:1.0.1.70
-
cpe:2.3:o:netgear:ex5000_firmware:1.0.1.74
-
cpe:2.3:o:netgear:ex5000_firmware:1.0.1.80
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.0.44
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.50
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.52
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.58
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.60
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.62
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.68
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.70
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.74
-
cpe:2.3:o:netgear:ex6110_firmware:1.0.1.80