Orbi
by Netgear
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-0404 | 0.00 | — | 0.00 | Jan 13, 2026 | An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default. | |||
| CVE-2026-0405 | 0.00 | — | 0.00 | Jan 13, 2026 | An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin. | |||
| CVE-2026-0403 | 0.00 | — | 0.00 | Jan 13, 2026 | An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections. |
- CVE-2026-0404Jan 13, 2026risk 0.00cvss —epss 0.00
An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default.
- CVE-2026-0405Jan 13, 2026risk 0.00cvss —epss 0.00
An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin.
- CVE-2026-0403Jan 13, 2026risk 0.00cvss —epss 0.00
An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections.