VYPR

Orbi

by Netgear

CVEs (6)

  • CVE-2026-0411MedJun 9, 2026
    risk 0.27cvss epss 0.00

    An information disclosure vulnerability in the NETGEAR Orbi satellites (RBR/RBE/RBS Series) could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without…

  • CVE-2026-0404Jan 13, 2026
    risk 0.00cvss epss 0.01

    An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default.

  • CVE-2026-0405Jan 13, 2026
    risk 0.00cvss epss 0.00

    An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin.

  • CVE-2026-0403Jan 13, 2026
    risk 0.00cvss epss 0.00

    An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections.

  • CVE-2023-41183May 3, 2024
    risk 0.00cvss epss 0.15

    NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR Orbi 760 routers. Authentication is not required to exploit this vulnerability. The specific flaw…

  • CVE-2020-27861Feb 11, 2021
    risk 0.00cvss epss 0.02

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UA_Parser utility. A crafted Host Name…