CVE-2026-0411
Analyzed Analyzed - Analysis Complete

Information Disclosure in NETGEAR Orbi Satellites

Publication date: 2026-06-09

Last updated on: 2026-06-18

Assigner: Netgear, Inc.

Description
An information disclosure vulnerability in the NETGEAR Orbi satellites (RBR/RBE/RBS Series) could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not impacted by this issue.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-09
Last Modified
2026-06-18
Generated
2026-06-30
AI Q&A
2026-06-09
EPSS Evaluated
2026-06-28
NVD
CVE-2026-0411
EUVD
EUVD-2026-35465

Affected Vendors & Products

Showing 5 associated CPEs
Vendor Product Version / Range
netgear rbe970_firmware to 9.13.2.1 (exc)
netgear rbr350_firmware to 4.4.2.2 (exc)
netgear rbr760_firmware to 6.3.8.11 (exc)
netgear rbs350_firmware to 4.4.2.2 (exc)
netgear rbs760_firmware to 6.3.8.11 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an information disclosure issue in NETGEAR Orbi satellite devices. It could allow a user who is connected to your network to gain administrator access to the Orbi router. This means that someone with network access could potentially control the router through the affected satellite devices.

It is important to note that Orbi WiFi Systems without satellite devices are not impacted by this vulnerability.

Impact Analysis

If exploited, this vulnerability could allow an attacker connected to your network to gain administrator access to your Orbi router. This could lead to unauthorized control over your network settings, potentially allowing the attacker to change configurations, monitor network traffic, or disrupt network operations.

Compliance Impact

This vulnerability allows a user connected to the network to gain administrator access to the Orbi router, which could lead to unauthorized access to sensitive information.

Such unauthorized access could potentially result in the exposure of personal or protected data, thereby impacting compliance with data protection regulations such as GDPR and HIPAA.

Organizations using affected NETGEAR Orbi satellite devices should consider this risk in their security assessments and remediation plans to maintain compliance with these standards.

Mitigation Strategies

The vulnerability affects certain NETGEAR Orbi satellite models and allows a user connected to your network to gain administrator access to the Orbi router.

Immediate mitigation steps include ensuring that only trusted users are connected to your network, as the vulnerability requires network access.

Since the CVE description does not provide specific mitigation commands or patches, it is recommended to check for and apply any available firmware updates from NETGEAR for the affected Orbi satellite models.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-0411. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart