Description

A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI.

INFO

Published Date :

2026-01-13T16:01:11.201Z

Last Modified :

2026-02-26T15:04:43.819Z

Source :

NETGEAR
AFFECTED PRODUCTS

The following products are affected by CVE-2026-0408 vulnerability.

Vendors Products
Netgear
  • Ex2800
  • Ex2800 Firmware
  • Ex3110
  • Ex3110 Firmware
  • Ex5000
  • Ex5000 Firmware
  • Ex6110
  • Ex6110 Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-0408.

URL Resource
https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory cve-icon cve-icon
https://www.netgear.com/support/product/ex2800 cve-icon cve-icon
https://www.netgear.com/support/product/ex3110 cve-icon cve-icon
https://www.netgear.com/support/product/ex5000 cve-icon cve-icon
https://www.netgear.com/support/product/ex6110 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact