CVE-2026-0411
MEDIUMNETGEAR Orbi Satellites - Administrator Access Information Disclosure
Title source: manualDescription
An information disclosure vulnerability in the NETGEAR Orbi satellites (RBR/RBE/RBS Series) could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not impacted by this issue.
References (6)
Core 6
Core References
Patch product
patch
https://www.netgear.com/support/product/rbr350/
Patch product
patch
https://www.netgear.com/support/product/rbs760/
Patch product
patch
https://www.netgear.com/support/product/rbs350/
Patch product
patch
https://www.netgear.com/support/product/rbr760/
Patch product
patch
https://www.netgear.com/support/product/rbe970/
Vendor Advisory vendor-advisory
https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory
Scores
CVSS v4
4.2
EPSS
0.0023
EPSS Percentile
13.4%
CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-200
Status
published
Products (6)
NETGEAR/RBE970
< 6.3.8.11
NETGEAR/RBE97x
< 6.3.8.11
NETGEAR/RBR350
< V4.4.2.2
NETGEAR/RBR760
< V6.3.8.11
NETGEAR/RBS350
< V4.4.2.2
NETGEAR/RBS760
< V6.3.8.11
Published
Jun 09, 2026
Tracked Since
Jun 09, 2026