Skip to main content

Rbr350

2 CVEs product

Monthly

CVE-2026-9212 MEDIUM PATCH This Month

Insufficient authentication (CWE-306) and input validation weaknesses across more than 25 NETGEAR router and mesh system models allow an adjacent-network attacker with low-level privileges to execute arbitrary commands and read sensitive configuration data, or alter certain device settings. The CVSS 4.0 vector confirms the attack is limited to adjacent network segments (AV:A) and requires low privileges (PR:L), with high confidentiality impact on both the vulnerable component and subsequent systems (VC:H, SC:H). No public exploit has been identified at time of analysis, and NETGEAR has self-reported the issue with patches available for all listed product lines.

Authentication Bypass Netgear Lbr1020 Lbr20 R6700Ax +22
NVD VulDB
CVSS 4.0
5.6
EPSS
0.1%
CVE-2026-0411 MEDIUM PATCH This Month

Information disclosure in NETGEAR Orbi satellite devices (RBR350, RBR760, RBS350, RBS760, RBE97x) allows a low-privileged user on the same network to obtain administrator access to the Orbi router. The flaw resides specifically in the satellite-to-router communication layer, as NETGEAR explicitly confirms Orbi systems deployed without satellites are unaffected. No public exploit exists (CVSS E:U) and CISA SSVC rates exploitation as none, but the high secondary impact scores (SC:H/SI:H/SA:H) reflect that successful exploitation yields full router compromise.

Information Disclosure Netgear Rbe97X Rbr350 Rbr760 +2
NVD VulDB
CVSS 4.0
4.2
EPSS
0.0%
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

Insufficient authentication (CWE-306) and input validation weaknesses across more than 25 NETGEAR router and mesh system models allow an adjacent-network attacker with low-level privileges to execute arbitrary commands and read sensitive configuration data, or alter certain device settings. The CVSS 4.0 vector confirms the attack is limited to adjacent network segments (AV:A) and requires low privileges (PR:L), with high confidentiality impact on both the vulnerable component and subsequent systems (VC:H, SC:H). No public exploit has been identified at time of analysis, and NETGEAR has self-reported the issue with patches available for all listed product lines.

Authentication Bypass Netgear Lbr1020 +24
NVD VulDB
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Information disclosure in NETGEAR Orbi satellite devices (RBR350, RBR760, RBS350, RBS760, RBE97x) allows a low-privileged user on the same network to obtain administrator access to the Orbi router. The flaw resides specifically in the satellite-to-router communication layer, as NETGEAR explicitly confirms Orbi systems deployed without satellites are unaffected. No public exploit exists (CVSS E:U) and CISA SSVC rates exploitation as none, but the high secondary impact scores (SC:H/SI:H/SA:H) reflect that successful exploitation yields full router compromise.

Information Disclosure Netgear Rbe97X +4
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy