Skip to main content

Ex5000 Firmware

4 CVEs product

Monthly

CVE-2026-0408 HIGH PATCH This Week

NETGEAR WiFi extenders (Ex5000, Ex6110, Ex2800, Ex3110) with improper path traversal validation allow authenticated LAN users to access the webproc configuration file and extract stored router credentials. An attacker with local network access can leverage this to obtain administrative credentials for further network compromise. A patch is available.

Netgear Path Traversal Ex5000 Firmware Ex6110 Firmware Ex2800 Firmware +1
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-0407 HIGH PATCH This Week

NETGEAR WiFi extenders (Ex3110, Ex6110, Ex5000, Ex2800) contain an authentication bypass vulnerability that allows network-adjacent attackers with WiFi access or physical Ethernet connectivity to gain unauthorized admin panel access. An attacker can exploit insufficient authentication validation to fully compromise the device's confidentiality, integrity, and availability. A patch is available for affected firmware versions.

Netgear Ex3110 Firmware Ex6110 Firmware Ex5000 Firmware Ex2800 Firmware
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2016-1561 HIGH POC THREAT Act Now

ExaGrid appliances with firmware before 4.8 P26 have a default SSH public key in the authorized_keys file for root, which allows remote attackers to obtain SSH access by leveraging knowledge of a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 84.4%.

Information Disclosure Ex3000 Firmware Ex5000 Firmware Ex7000 Firmware Ex10000E Firmware +4
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
84.4%
Threat
5.5
CVE-2016-1560 CRITICAL POC THREAT Emergency

ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 81.7%.

Authentication Bypass Ex3000 Firmware Ex5000 Firmware Ex7000 Firmware Ex10000E Firmware +4
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
81.7%
Threat
5.9
EPSS 0% CVSS 8.0
HIGH PATCH This Week

NETGEAR WiFi extenders (Ex5000, Ex6110, Ex2800, Ex3110) with improper path traversal validation allow authenticated LAN users to access the webproc configuration file and extract stored router credentials. An attacker with local network access can leverage this to obtain administrative credentials for further network compromise. A patch is available.

Netgear Path Traversal Ex5000 Firmware +3
NVD
EPSS 0% CVSS 8.0
HIGH PATCH This Week

NETGEAR WiFi extenders (Ex3110, Ex6110, Ex5000, Ex2800) contain an authentication bypass vulnerability that allows network-adjacent attackers with WiFi access or physical Ethernet connectivity to gain unauthorized admin panel access. An attacker can exploit insufficient authentication validation to fully compromise the device's confidentiality, integrity, and availability. A patch is available for affected firmware versions.

Netgear Ex3110 Firmware Ex6110 Firmware +2
NVD
EPSS 84% 5.5 CVSS 7.5
HIGH POC THREAT Act Now

ExaGrid appliances with firmware before 4.8 P26 have a default SSH public key in the authorized_keys file for root, which allows remote attackers to obtain SSH access by leveraging knowledge of a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 84.4%.

Information Disclosure Ex3000 Firmware Ex5000 Firmware +6
NVD Exploit-DB
EPSS 82% 5.9 CVSS 9.8
CRITICAL POC THREAT Emergency

ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 81.7%.

Authentication Bypass Ex3000 Firmware Ex5000 Firmware +6
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy