A Sensitive Information Disclosure Vulnerability in NETGEAR Orbi Satellites
Summary
| CVE | CVE-2026-0411 |
|---|---|
| State | PUBLISHED |
| Assigner | NETGEAR |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-06-09 17:16:58 UTC |
| Updated | 2026-06-18 18:05:56 UTC |
| Description | An information disclosure vulnerability in the NETGEAR Orbi satellites (RBR/RBE/RBS Series) could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not impacted by this issue. |
Risk And Classification
Primary CVSS: v4.0 4.2 MEDIUM from a2826606-91e7-4eb6-899e-8484bd4575d5
CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS: 0.002780000 probability, percentile 0.194260000 (date 2026-06-24)
Problem Types: CWE-200 | CWE-200 CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 4.0 | a2826606-91e7-4eb6-899e-8484bd4575d5 | Secondary | 4.2 | MEDIUM | CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/C... |
| 4.0 | CNA | CVSS | 4.2 | MEDIUM | CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:U |
| 3.1 | [email protected] | Primary | 8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVSS v4.0 Breakdown
CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CVSS v3.1 Breakdown
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Netgear | Rbe970 | - | All | All | All |
| Operating System | Netgear | Rbe970 Firmware | All | All | All | All |
| Hardware | Netgear | Rbr350 | - | All | All | All |
| Operating System | Netgear | Rbr350 Firmware | All | All | All | All |
| Hardware | Netgear | Rbr760 | - | All | All | All |
| Operating System | Netgear | Rbr760 Firmware | All | All | All | All |
| Hardware | Netgear | Rbs350 | - | All | All | All |
| Operating System | Netgear | Rbs350 Firmware | All | All | All | All |
| Hardware | Netgear | Rbs760 | - | All | All | All |
| Operating System | Netgear | Rbs760 Firmware | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | NETGEAR | RBE970 | affected 6.3.8.11 custom | Not specified |
| CNA | NETGEAR | RBR350 | affected V4.4.2.2 custom | Not specified |
| CNA | NETGEAR | RBR760 | affected V6.3.8.11 custom | Not specified |
| CNA | NETGEAR | RBS350 | affected V4.4.2.2 custom | Not specified |
| CNA | NETGEAR | RBS760 | affected V6.3.8.11 custom | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory | a2826606-91e7-4eb6-899e-8484bd4575d5 | kb.netgear.com | Vendor Advisory |
| www.netgear.com/support/product/rbe970 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rbr350 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rbr760 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rbs350 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| www.netgear.com/support/product/rbs760 | a2826606-91e7-4eb6-899e-8484bd4575d5 | www.netgear.com | Product |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Additional Advisory Data
Solutions
CNA: NETGEAR strongly recommends that you install the latest firmware as soon as possible. Issue fixed in: ProductFixed VersionRBE970 Orbi Quad-band Mesh WiFi 7 Add-on Satellite 6.3.8.11 https://www.netgear.com/support/product/rbe970/ RBR350 Orbi AX1800 WiFi 6 Dual-band Mesh Router V4.4.2.2 https://www.netgear.com/support/product/rbr350/ RBR760 Orbi Tri-Band Mesh WiFi 6 Router V6.3.8.11 https://www.netgear.com/support/product/rbr760/ RBS350 Orbi AX1800 WiFi 6 Dual-band Mesh Add-on Satellite V4.4.2.2 https://www.netgear.com/support/product/rbs350/ RBS760 Orbi Tri-Band Mesh WiFi 6 Add-on Satellite V6.3.8.11 https://www.netgear.com/support/product/rbs760/