CVE-2026-0411

Published Jun 9, 2026

Last updated 3 hours ago

CVSS medium 4.2

Overview

Description: An information disclosure vulnerability in the NETGEAR Orbi satellites (RBR/RBE/RBS Series) could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not impacted by this issue.
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
NVD status: Analyzed
Products: rbe970_firmware, rbr350_firmware, rbr760_firmware, rbs350_firmware, rbs760_firmware

Risk scores

CVSS 4.0

Type: Secondary
Base score: 4.2
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity: MEDIUM

CVSS 3.1

Type: Primary
Base score: 8
Impact score: 5.9
Exploitability score: 2.1
Vector string: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

a2826606-91e7-4eb6-899e-8484bd4575d5: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbe970_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "C3821162-B566-4B42-B210-B7F2B0E39512",
            "versionEndExcluding": "9.13.2.1",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbe970:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "DE1F3088-9598-4EB5-A8A0-E0D4E529CB12",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbr350_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "15B6577A-EB55-40E2-9B6C-2821923E76E9",
            "versionEndExcluding": "4.4.2.2",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbr350:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "C967BD79-D46C-4E73-9063-394454C33180",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbr760_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "87A60D1D-8933-43AD-8C45-3377B3F02F89",
            "versionEndExcluding": "6.3.8.11",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbr760:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "49412019-F011-40A8-B09E-F704E9C343AB",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbs350_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "3BCF891A-82B5-45FA-9041-86D2CD05248F",
            "versionEndExcluding": "4.4.2.2",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbs350:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "D69C0384-012F-4F3C-B5B2-EE2087C8187D",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbs760_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "B325A884-D98D-40CD-829F-9F75E8028AE1",
            "versionEndExcluding": "6.3.8.11",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbs760:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "1A648203-25DE-41E9-A7C4-A08F070479D1",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 4.0

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References