VYPR

WiFi range extenders

by Netgear

CVEs (5)

  • CVE-2026-3294HigMay 22, 2026
    risk 0.57cvss 8.8epss 0.00

    An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to…

  • CVE-2022-38955HigSep 20, 2022
    risk 0.49cvss 7.5epss 0.00

    An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the CRC check. A successful attack can either introduce a backdoor to the…

  • CVE-2022-38956MedSep 20, 2022
    risk 0.34cvss 5.3epss 0.00

    An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to replace the user-uploaded firmware image with an original old firmware image. This affects Firmware 1.1.1_1.1.9 and earlier.

  • CVE-2026-0408Jan 13, 2026
    risk 0.00cvss epss 0.00

    A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI.

  • CVE-2026-0407Jan 13, 2026
    risk 0.00cvss epss 0.00

    An insufficient authentication vulnerability in NETGEAR WiFi range extenders allows a network adjacent attacker with WiFi authentication or a physical Ethernet port connection to bypass the authentication process and access the admin panel.