Unrated severityNVD Advisory· Published Jan 13, 2026· Updated Feb 26, 2026

Authentication bypass in NETGEAR WiFi Range Extenders via network adjacent attacks

CVE-2026-0407

Description

An insufficient authentication vulnerability in NETGEAR WiFi range extenders allows a network adjacent attacker with WiFi authentication or a physical Ethernet port connection to bypass the authentication process and access the admin panel.

Affected products

Netgear/WiFi range extendersllm-fuzzy
NETGEAR/EX2800v5
Range: 0
NETGEAR/EX3110v5
Range: 0
NETGEAR/EX5000v5
Range: 0
NETGEAR/EX6110v5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.netgear.com/support/product/ex2800mitreproductpatch
www.netgear.com/support/product/ex3110mitreproductpatch
www.netgear.com/support/product/ex5000mitreproductpatch
www.netgear.com/support/product/ex6110mitreproductpatch
kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisorymitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000