QwikSec

Security Database

CVE

CWE

Training

CVE-2026-0407

Published: Jan 13, 2026

Modified: Feb 26, 2026

PUBLISHED

Description

An insufficient authentication vulnerability in NETGEAR WiFi range extenders allows a network adjacent attacker with WiFi authentication or a physical Ethernet port connection to bypass the authentication process and access the admin panel.

Vendor	Product	Versions
NETGEAR	EX5000	affected `0 - < v1.0.1.82`
NETGEAR	EX3110	affected `0 - < v1.0.1.82`
NETGEAR	EX6110	affected `0 - < v1.0.1.82`
NETGEAR	EX2800	affected `0 - < v1.0.1.82`

Weaknesses (CWE)

References

https://www.netgear.com/support/product/ex5000

product

patch

https://www.netgear.com/support/product/ex3110

product

patch

https://www.netgear.com/support/product/ex6110

product

patch

https://www.netgear.com/support/product/ex2800

product

patch

https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.