CVE-2026-0408
Path Traversal in NETGEAR Extenders Exposes Router Credentials
Publication date: 2026-01-13
Last updated on: 2026-02-20
Assigner: Netgear, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| netgear | ex2800_firmware | to 1.0.1.82 (exc) |
| netgear | ex3110_firmware | to 1.0.1.82 (exc) |
| netgear | ex5000_firmware | to 1.0.1.82 (exc) |
| netgear | ex6110_firmware | to 1.0.1.82 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a path traversal flaw in NETGEAR WiFi range extenders that allows an attacker with LAN authentication to access the router's IP and view the contents of a dynamically generated webproc file. This file contains sensitive information such as usernames and passwords submitted to the router's GUI.
How can this vulnerability impact me? :
An attacker who exploits this vulnerability can gain access to sensitive credentials (usernames and passwords) used to manage the router. This could lead to unauthorized access to the router's administrative interface, potentially allowing further malicious actions on the network.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, ensure that your NETGEAR WiFi range extender devices have the latest firmware updates installed. If your devices do not have automatic updates enabled, manually verify and update the firmware to the latest version provided by NETGEAR to prevent exploitation. [2]