Ex3110 Firmware
CVE-2026-0407
HIGH
Severity by source
AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
An insufficient authentication vulnerability in NETGEAR WiFi range extenders allows a network adjacent attacker with WiFi authentication or a physical Ethernet port connection to bypass the authentication process and access the admin panel.
AnalysisAI
NETGEAR WiFi extenders (Ex3110, Ex6110, Ex5000, Ex2800) contain an authentication bypass vulnerability that allows network-adjacent attackers with WiFi access or physical Ethernet connectivity to gain unauthorized admin panel access. An attacker can exploit insufficient authentication validation to fully compromise the device's confidentiality, integrity, and availability. A patch is available for affected firmware versions.
Technical ContextAI
Classified as CWE-287 (Improper Authentication). Affects Ex5000 Firmware. An insufficient authentication vulnerability in NETGEAR WiFi range extenders allows a network adjacent attacker with WiFi authentication or a physical Ethernet port connection to bypass the authentication process and access the admin panel.
RemediationAI
A vendor patch is available — apply it immediately.
More in Ex3110 Firmware
View allCertain NETGEAR devices are affected by incorrect configuration of security settings. Rated critical severity (CVSS 9.4)
NETGEAR WiFi extenders (Ex5000, Ex6110, Ex2800, Ex3110) with improper path traversal validation allow authenticated LAN
Same weakness CWE-287 – Improper Authentication
View allShare
External POC / Exploit Code
Leaving vuln.today